5 CFR 930.301 - Information systems security awareness training program.

Science.gov (United States)

2010-01-01

... 5 Administrative Personnel 2 2010-01-01 2010-01-01 false Information systems security awareness... (MISCELLANEOUS) Information Security Responsibilities for Employees who Manage or Use Federal Information Systems § 930.301 Information systems security awareness training program. Each Executive Agency must develop a...

Cross-layer design for intrusion detection and data security in wireless ad hoc sensor networks

Science.gov (United States)

Hortos, William S.

2007-09-01

A wireless ad hoc sensor network is a configuration for area surveillance that affords rapid, flexible deployment in arbitrary threat environments. There is no infrastructure support and sensor nodes communicate with each other only when they are in transmission range. The nodes are severely resource-constrained, with limited processing, memory and power capacities and must operate cooperatively to fulfill a common mission in typically unattended modes. In a wireless sensor network (WSN), each sensor at a node can observe locally some underlying physical phenomenon and sends a quantized version of the observation to sink (destination) nodes via wireless links. Since the wireless medium can be easily eavesdropped, links can be compromised by intrusion attacks from nodes that may mount denial-of-service attacks or insert spurious information into routing packets, leading to routing loops, long timeouts, impersonation, and node exhaustion. A cross-layer design based on protocol-layer interactions is proposed for detection and identification of various intrusion attacks on WSN operation. A feature set is formed from selected cross-layer parameters of the WSN protocol to detect and identify security threats due to intrusion attacks. A separate protocol is not constructed from the cross-layer design; instead, security attributes and quantified trust levels at and among nodes established during data exchanges complement customary WSN metrics of energy usage, reliability, route availability, and end-to-end quality-of-service (QoS) provisioning. Statistical pattern recognition algorithms are applied that use observed feature-set patterns observed during network operations, viewed as security audit logs. These algorithms provide the "best" network global performance in the presence of various intrusion attacks. A set of mobile (software) agents distributed at the nodes implement the algorithms, by moving among the layers involved in the network response at each active node

Securing Cloud Computing from Different Attacks Using Intrusion Detection Systems

Directory of Open Access Journals (Sweden)

Omar Achbarou

2017-03-01

Full Text Available Cloud computing is a new way of integrating a set of old technologies to implement a new paradigm that creates an avenue for users to have access to shared and configurable resources through internet on-demand. This system has many common characteristics with distributed systems, hence, the cloud computing also uses the features of networking. Thus the security is the biggest issue of this system, because the services of cloud computing is based on the sharing. Thus, a cloud computing environment requires some intrusion detection systems (IDSs for protecting each machine against attacks. The aim of this work is to present a classification of attacks threatening the availability, confidentiality and integrity of cloud resources and services. Furthermore, we provide literature review of attacks related to the identified categories. Additionally, this paper also introduces related intrusion detection models to identify and prevent these types of attacks.

Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

Energy Technology Data Exchange (ETDEWEB)

Lee, Chanyoung; Seong, Poong Hyun [KAIST, Daejeon (Korea, Republic of)

2016-10-15

One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is

Application of the Concept of Intrusion Tolerant System for Evaluating Cyber Security Enhancements

International Nuclear Information System (INIS)

Lee, Chanyoung; Seong, Poong Hyun

2016-01-01

One of the major problems is that nuclear industry is in very early stage in dealing with cyber security issues. It is because that cyber security has received less attention compared to other safety problems. In addition, late adoption of digital I and C systems has resulted in lower level of cyber security advancements in nuclear industry than ones in other industries. For the cyber security of NPP I and C systems, many regulatory documents, guides and standards were already published. These documents include cyber security plans, methods for cyber security assessments and comprehensive set of security controls. However, methods which can help assess how much security is improved if a specific security control is applied are not included in these documents. Hence, NPP I and C system designers may encounter difficulties when trying to apply security controls with limited structure and cost. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. In order to provide useful information about cyber security issues including cyber security enhancements, this paper suggests a framework to evaluate how much cyber security is improved when a specific cyber security enhancement is applied in NPPs. The extent of cyber security improvement caused by security enhancement was defined as reduction ratio of the failure probability to secure the system from cyber-attack as Eq.1. The concept of 'intrusion tolerant system' was applied to not only prevent cyber-attacks but also limit the extent of damage in this study. For applying the concept of intrusion tolerant system to NPP, the event tree was constructed with some assumptions. Cyber security improvement caused by cyber security enhancement can be estimated as Eq.3. By comparing current system to the enhanced system, it is possible to

Cyber security awareness toolkit for national security: an approach to South Africa's cyber security policy implementation

CSIR Research Space (South Africa)

Phahlamohlaka, LJ

2011-05-01

Full Text Available The aim of this paper is to propose an approach that South Africa could follow in implementing its proposed cyber security policy. The paper proposes a Cyber Security Awareness Toolkit that is underpinned by key National Security imperatives...

Examining the Security Awareness, Information Privacy, and the Security Behaviors of Home Computer Users

Science.gov (United States)

Edwards, Keith

2015-01-01

Attacks on computer systems continue to be a problem. The majority of the attacks target home computer users. To help mitigate the attacks some companies provide security awareness training to their employees. However, not all people work for a company that provides security awareness training and typically, home computer users do not have the…

Network Intrusion Detection System using Apache Storm

Directory of Open Access Journals (Sweden)

Muhammad Asif Manzoor

2017-06-01

Full Text Available Network security implements various strategies for the identification and prevention of security breaches. Network intrusion detection is a critical component of network management for security, quality of service and other purposes. These systems allow early detection of network intrusion and malicious activities; so that the Network Security infrastructure can react to mitigate these threats. Various systems are proposed to enhance the network security. We are proposing to use anomaly based network intrusion detection system in this work. Anomaly based intrusion detection system can identify the new network threats. We also propose to use Real-time Big Data Stream Processing Framework, Apache Storm, for the implementation of network intrusion detection system. Apache Storm can help to manage the network traffic which is generated at enormous speed and size and the network traffic speed and size is constantly increasing. We have used Support Vector Machine in this work. We use Knowledge Discovery and Data Mining 1999 (KDD’99 dataset to test and evaluate our proposed solution.

Explore Awareness of Information Security: Insights from Cognitive Neuromechanism.

Science.gov (United States)

Han, Dongmei; Dai, Yonghui; Han, Tianlin; Dai, Xingyun

2015-01-01

With the rapid development of the internet and information technology, the increasingly diversified portable mobile terminals, online shopping, and social media have facilitated information exchange, social communication, and financial payment for people more and more than ever before. In the meantime, information security and privacy protection have been meeting with new severe challenges. Although we have taken a variety of information security measures in both management and technology, the actual effectiveness depends firstly on people's awareness of information security and the cognition of potential risks. In order to explore the new technology for the objective assessment of people's awareness and cognition on information security, this paper takes the online financial payment as example and conducts an experimental study based on the analysis of electrophysiological signals. Results indicate that left hemisphere and beta rhythms of electroencephalogram (EEG) signal are sensitive to the cognitive degree of risks in the awareness of information security, which may be probably considered as the sign to assess people's cognition of potential risks in online financial payment.

Explore Awareness of Information Security: Insights from Cognitive Neuromechanism

Directory of Open Access Journals (Sweden)

Dongmei Han

2015-01-01

Full Text Available With the rapid development of the internet and information technology, the increasingly diversified portable mobile terminals, online shopping, and social media have facilitated information exchange, social communication, and financial payment for people more and more than ever before. In the meantime, information security and privacy protection have been meeting with new severe challenges. Although we have taken a variety of information security measures in both management and technology, the actual effectiveness depends firstly on people’s awareness of information security and the cognition of potential risks. In order to explore the new technology for the objective assessment of people’s awareness and cognition on information security, this paper takes the online financial payment as example and conducts an experimental study based on the analysis of electrophysiological signals. Results indicate that left hemisphere and beta rhythms of electroencephalogram (EEG signal are sensitive to the cognitive degree of risks in the awareness of information security, which may be probably considered as the sign to assess people’s cognition of potential risks in online financial payment.

A Survey on Cyber Security awareness among college students in Tamil Nadu

Science.gov (United States)

Senthilkumar, K.; Easwaramoorthy, Sathishkumar

2017-11-01

The aim of the study is to analyse the awareness of cyber security on college students in Tamil Nadu by focusing various security threats in the internet. In recent years cybercrime is an enormous challenge in all areas including national security, public safety and personal privacy. To prevent from a victim of cybercrime everyone must know about their own security and safety measures to protect by themselves. A well-structured questionnaire survey method will be applied to analyse the college student’s awareness in the area of cyber security. This survey will be going to conducted in major cities of Tamil Nadu by focusing various security threats like email, virus, phishing, fake advertisement, popup windows and other attacks in the internet. This survey examines the college students’ awareness and the level of awareness about the security issues and some suggestions are set forth to overcome these issues.

The Impact of Information Richness on Information Security Awareness Training Effectiveness

Science.gov (United States)

Shaw, R. S.; Chen, Charlie C.; Harris, Albert L.; Huang, Hui-Jou

2009-01-01

In recent years, rapid progress in the use of the internet has resulted in huge losses in many organizations due to lax security. As a result, information security awareness is becoming an important issue to anyone using the Internet. To reduce losses, organizations have made information security awareness a top priority. The three main barriers…

Efficient Mining and Detection of Sequential Intrusion Patterns for Network Intrusion Detection Systems

Science.gov (United States)

Shyu, Mei-Ling; Huang, Zifang; Luo, Hongli

In recent years, pervasive computing infrastructures have greatly improved the interaction between human and system. As we put more reliance on these computing infrastructures, we also face threats of network intrusion and/or any new forms of undesirable IT-based activities. Hence, network security has become an extremely important issue, which is closely connected with homeland security, business transactions, and people's daily life. Accurate and efficient intrusion detection technologies are required to safeguard the network systems and the critical information transmitted in the network systems. In this chapter, a novel network intrusion detection framework for mining and detecting sequential intrusion patterns is proposed. The proposed framework consists of a Collateral Representative Subspace Projection Modeling (C-RSPM) component for supervised classification, and an inter-transactional association rule mining method based on Layer Divided Modeling (LDM) for temporal pattern analysis. Experiments on the KDD99 data set and the traffic data set generated by a private LAN testbed show promising results with high detection rates, low processing time, and low false alarm rates in mining and detecting sequential intrusion detections.

Security in Context-aware Mobile Business Applications

OpenAIRE

Tatli, Emin Islam

2008-01-01

The support of location computation on mobile devices (e.g. mobile phones, PDAs) has enabled the development of context-aware and especially location-aware applications (e.g. Restaurant Finder, Friend Finder) which are becoming the new trend for future software applications. However, fears regarding security and privacy are the biggest barriers against their success. Especially, mobile users are afraid of the possible threats against their private identity and personal data. Within the M-Busi...

Experimental Study of Nuclear Security System Components for Achieving the Intrusion Process via Sensor's Network System

International Nuclear Information System (INIS)

EL-Kafas, A.A.

2011-01-01

Cluster sensors are one of nuclear security system components which are used to detect any intrusion process of the nuclear sites. In this work, an experimental measuring test for sensor performance and procedures are presented. Sensor performance testing performed to determine whether a particular sensor will be acceptable in a proposed design. We have access to a sensors test field in which the sensor of interest is already properly installed and the parameters have been set to optimal levels by preliminary testing. The glass-breakage (G.B) and open door (O.D) sensors construction, operation and design for the investigated nuclear site are explained. Intrusion tests were carried out inside the field areas of the sensors to evaluate the sensor performance during the intrusion process. Experimental trials were performed for achieving the intrusion process via sensor network system. The performance and intrusion senses of cluster sensors inside the internal zones was recorded and evaluated. The obtained results explained that the tested and experimented G.B sensors have a probability of detection P (D) value 65% founded, and 80% P (D) of Open-door sensor

Impact of Security Awareness Programs on End-User Security Behavior: A Quantitative Study of Federal Workers

Science.gov (United States)

Smith, Gwendolynn T.

2012-01-01

The increasing dependence on technology presented more vulnerability to security breaches of information and the need to assess security awareness levels in federal organizations, as well as other organizations. Increased headlines of security breaches of federal employees' security actions prompted this study. The research study reviewed the…

Evaluating cyber security awareness in South Africa

CSIR Research Space (South Africa)

Grobler, M

2011-07-01

Full Text Available broadband capability and knowledge transfer within rural communities. To evaluate the current level of cyber security awareness, a series of exploratory surveys have been distributed to less technologically resourced entities in rural and deep rural...

On the Modelling of Context-Aware Security for Mobile Devices

Directory of Open Access Journals (Sweden)

Tomasz Zurek

2016-01-01

Full Text Available Security management in wireless networks has to deal with the changing character of the environment, which can further lead to decision making problem for unexpected events. Among a huge list of devices, the mobile ones are especially vulnerable to this situation. The solution for adapting systems and applications to dynamic environments can be context-aware description of the user actions, which gives a possibility to take into account the factors that influence these actions. In the article, we propose a context-aware security adjusting model, which is based on proposition logic and incorporates mechanisms that assist in the reasoning process. The main benefits that differentiate our approach from similar ones are a formal representation of the model, the usage of the whole spectrum of context attributes, the detection and analysis of contextual data integrity, and conflicting rules’ eradication capability. All these traits transcribe into a more effective way of adjusting security measures in accordance with existing circumstances. To illustrate the proposed approach, we present the case study of context-aware security management for mobile devices.

Examining the Relationship between Organization Systems and Information Security Awareness

Science.gov (United States)

Tintamusik, Yanarong

2010-01-01

The focus of this dissertation was to examine the crucial relationship between organization systems within the framework of the organizational behavior theory and information security awareness (ISA) of users within the framework of the information security theory. Despite advanced security technologies designed to protect information assets,…

Cyber security awareness toolkit for national security: An approach to South Africa’s cybersecurity policy implementation

CSIR Research Space (South Africa)

Phahlamohlaka, LJ

2011-05-01

Full Text Available The aim of this paper is to propose an approach that South Africa could follow in implementing its proposed Cyber security policy. The paper proposes a Cyber Security Awareness Toolkit that is underpinned by key National Security imperatives as well...

Information Security – Guidance for Manually Completing the Information Security Awareness Training

Science.gov (United States)

The purpose of this guidance is to provide an alternative manual process for disseminating EPA Information Security Awareness Training (ISAT) materials and collecting results from EPA users who elect to complete the ISAT manually.

Context aware adaptive security service model

Science.gov (United States)

Tunia, Marcin A.

2015-09-01

Present systems and devices are usually protected against different threats concerning digital data processing. The protection mechanisms consume resources, which are either highly limited or intensively utilized by many entities. The optimization of these resources usage is advantageous. The resources that are saved performing optimization may be utilized by other mechanisms or may be sufficient for longer time. It is usually assumed that protection has to provide specific quality and attack resistance. By interpreting context situation of business services - users and services themselves, it is possible to adapt security services parameters to countermeasure threats associated with current situation. This approach leads to optimization of used resources and maintains sufficient security level. This paper presents architecture of adaptive security service, which is context-aware and exploits quality of context data issue.

A conceptual framework for cyber security awareness and education in SA

Directory of Open Access Journals (Sweden)

Noluxolo Kortjan

2014-06-01

Full Text Available The Internet is becoming increasingly interwoven in the daily lives of many individuals, organisations and nations. It has, to a large extent, had a positive effect on the way people communicate. It has also introduced new avenues for business; and it has offered nations an opportunity to govern online. Nevertheless, although cyberspace offers an endless list of services and opportunities, it is also accompanied by many risks, of which many Internet users are not aware. As such, various countries have developed and implemented cyber-security awareness and education measures to counter the perceived ignorance of the Internet users. However, there is currently a definite lack in South Africa (SA in this regard; as there are currently, little government-led and sponsored cyber-security awareness and education initiatives. The primary research objective of this paper, therefore, is to propose a cyber-security awareness and education framework for SA that would assist in creating a cyber-secure culture in SA among all of the users of the Internet. This framework will be developed on the basis of key factors extrapolated from a comparative analysis of relevant developed countries.

Cyber Security Training and Awareness Through Game Play

National Research Council Canada - National Science Library

Cone, Benjamin D; Thompson, Michael F; Irvine, Cynthia E; Nguyen, Thuy D

2006-01-01

Although many of the concepts included in staff cyber-security awareness training are universal, such training often must be tailored to address the policies and requirements of a particular organization...

Intrusion detection in wireless ad-hoc networks

CERN Document Server

Chaki, Nabendu

2014-01-01

Presenting cutting-edge research, Intrusion Detection in Wireless Ad-Hoc Networks explores the security aspects of the basic categories of wireless ad-hoc networks and related application areas. Focusing on intrusion detection systems (IDSs), it explains how to establish security solutions for the range of wireless networks, including mobile ad-hoc networks, hybrid wireless networks, and sensor networks.This edited volume reviews and analyzes state-of-the-art IDSs for various wireless ad-hoc networks. It includes case studies on honesty-based intrusion detection systems, cluster oriented-based

A Survey on Security-Aware Measurement in SDN

Directory of Open Access Journals (Sweden)

Heng Zhang

2018-01-01

Full Text Available Software-defined networking (SDN is one of the most prevailing networking paradigms in current and next-generation networks. Basically, the highly featured separation of control and data planes makes SDN a proper solution towards many practical problems that challenge legacy networks, for example, energy efficiency, dynamic network configuration, agile network measurement, and flexible network deployment. Although the SDN and its applications have been extensively studied for several years, the research of SDN security is still in its infancy. Typically, the SDN suffers from architecture defect and OpenFlow protocol loopholes such as single controller problem, deficiency of communication verification, and network resources constraint. Hence, network measurement is a fundamental technique of protecting SDN against the above security threats. Specifically, network measurement aims to understand and quantify a variety of network behaviors to facilitate network management and monitoring, anomaly detection, network troubleshooting, and the establishment of security mechanisms. In this paper, we present a systematic survey on security-aware measurement technology in SDN. In particular, we first review the basic architecture of SDN and corresponding security challenges. Then, we investigate two performance measurement techniques in SDN, namely, link latency and available bandwidth measurements. After that, we further provide a general overview of topology measurement in SDN including intradomain and interdomain topology discovering techniques. Finally, we list three interesting future directions of security-aware measurement in SDN followed by giving conclusion remarks.

Towards an automated security awareness system in a virtualized environment

CSIR Research Space (South Africa)

Labuschagne, WA

2012-07-01

Full Text Available resources. This is an efficient solution to access the Internet. However users might not be aware of the security threats that exist on using shared resources. Many companies provide security solutions to automatically protect resources on the network...

Security Awareness of the Digital Natives

Directory of Open Access Journals (Sweden)

Vasileios Gkioulos

2017-04-01

Full Text Available Young generations make extensive use of mobile devices, such as smartphones, tablets and laptops, while a plethora of security risks associated with such devices are induced by vulnerabilities related to user behavior. Furthermore, the number of security breaches on or via portable devices increases exponentially. Thus, deploying suitable risk treatments requires the investigation of how the digital natives (young people, born and bred in the digital era use their mobile devices and their level of security awareness, in order to identify common usage patterns with negative security impact. In this article, we present the results of a survey performed across a multinational sample of digital natives with distinct backgrounds and levels of competence in terms of security, to identify divergences in user behavior due to regional, educational and other factors. Our results highlight significant influences on the behavior of digital natives, arising from user confidence, educational background, and parameters related to usability and accessibility. The outcomes of this study justify the need for further analysis of the topic, in order to identify the influence of fine-grained semantics, but also the consolidation of wide and robust user-models.

Framework for an African policy towards creating cyber security awareness

CSIR Research Space (South Africa)

Dlamini, IZ

2011-05-01

Full Text Available Cyber security is a GLOBAL issue. The rest of the world needs Africa to be aware and ready. Furthermore, Africa can only be aware and ready if it is internally organised and collaborates effectively with the rest of the world. The African continent...

Fuzzy assessment of health information system users' security awareness.

Science.gov (United States)

Aydın, Özlem Müge; Chouseinoglou, Oumout

2013-12-01

Health information systems (HIS) are a specific area of information systems (IS), where critical patient data is stored and quality health service is only realized with the correct use and efficient dissemination of this data to health workers. Therefore, a balance needs to be established between the levels of security and flow of information on HIS. Instead of implementing higher levels and further mechanisms of control to increase the security of HIS, it is preferable to deal with the arguably weakest link on HIS chain with respect to security: HIS users. In order to provide solutions and approaches for transforming users to the first line of defense in HIS but also to employ capable and appropriate candidates from the pool of newly graduated students, it is important to assess and evaluate the security awareness levels and characteristics of these existing and future users. This study aims to provide a new perspective to understand the phenomenon of security awareness of HIS users with the use of fuzzy analysis, and to assess the present situation of current and future HIS users of a leading medical and educational institution of Turkey, with respect to their security characteristics based on four different security scales. The results of the fuzzy analysis, the guide on how to implement this fuzzy analysis to any health institution and how to read and interpret these results, together with the possible implications of these results to the organization are provided.

What's under the hood? Improving SCADA security with process awareness

OpenAIRE

Chromik, Justyna Joanna; Remke, Anne Katharina Ingrid; Haverkort, Boudewijn R.H.M.

2016-01-01

SCADA networks are an essential part of monitoring and controlling physical infrastructures, such as the power grid. Recent news item show that tampering with the data exchanged in a SCADA network occurs and has severe consequences. A possible way of improving the security of SCADA networks is to use intrusion detection systems. By monitoring and analysing the traffic, it is possible to detect whether information has a legitimate source or was tampered with. However, in many cases the knowled...

Security Engine Management of Router based on Security Policy

OpenAIRE

Su Hyung Jo; Ki Young Kim; Sang Ho Lee

2007-01-01

Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper re...

A Video Game for Cyber Security Training and Awareness

National Research Council Canada - National Science Library

Cone, Benjamin D; Irvine, Cynthia E; Thompson, Michael F; Nguyen, Thuy D

2006-01-01

Although many of the concepts included in cyber security awareness training are universal, such training often must be tailored to address the policies and requirements of a particular organization...

Rapid deployment intrusion detection system

International Nuclear Information System (INIS)

Graham, R.H.

1997-01-01

A rapidly deployable security system is one that provides intrusion detection, assessment, communications, and annunciation capabilities; is easy to install and configure; can be rapidly deployed, and is reusable. A rapidly deployable intrusion detection system (RADIDS) has many potential applications within the DOE Complex: back-up protection for failed zones in a perimeter intrusion detection and assessment system, intrusion detection and assessment capabilities in temporary locations, protection of assets during Complex reconfiguration, and protection in hazardous locations, protection of assets during Complex reconfiguration, and protection in hazardous locations. Many DOE user-need documents have indicated an interest in a rapidly deployable intrusion detection system. The purpose of the RADIDS project is to design, develop, and implement such a system. 2 figs

Interior intrusion alarm systems

International Nuclear Information System (INIS)

Prell, J.A.

1978-01-01

In meeting the requirements for the safeguarding of special nuclear material and the physical protection of licensed facilities, the licensee is required to design a physical security system that will meet minimum performance requirements. An integral part of any physical security system is the interior intrusion alarm system. The purpose of this report is to provide the potential user of an interior intrusion alarm system with information on the various types, components, and performance capabilities available so that he can design and install the optimum alarm system for his particular environment. In addition, maintenance and testing procedures are discussed and recommended which, if followed, will help the user obtain the optimum results from his system

Computer Security: Introduction to information and computer security (1/4)

CERN Multimedia

CERN. Geneva

2012-01-01

Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Aix-en-Provence and Haute Ecole de Gestion in Geneva in 2010. His professional interests include software and network security, distributed systems, and Web and mobile technologies. With the prevalence of modern information te...

Security Enrichment in Intrusion Detection System Using Classifier Ensemble

Directory of Open Access Journals (Sweden)

Uma R. Salunkhe

2017-01-01

Full Text Available In the era of Internet and with increasing number of people as its end users, a large number of attack categories are introduced daily. Hence, effective detection of various attacks with the help of Intrusion Detection Systems is an emerging trend in research these days. Existing studies show effectiveness of machine learning approaches in handling Intrusion Detection Systems. In this work, we aim to enhance detection rate of Intrusion Detection System by using machine learning technique. We propose a novel classifier ensemble based IDS that is constructed using hybrid approach which combines data level and feature level approach. Classifier ensembles combine the opinions of different experts and improve the intrusion detection rate. Experimental results show the improved detection rates of our system compared to reference technique.

The design about the intrusion defense system for IHEP

International Nuclear Information System (INIS)

Liu Baoxu; Xu Rongsheng; Yu Chuansong; Wu Chunzhen

2003-01-01

With the development of network technologies, limitations on traditional methods of network security protection are becoming more and more obvious. An individual network security product or the simple combination of several products can hardly complete the goal of keeping from hackers' intrusion. Therefore, on the basis of the analyses about the security problems of IHEPNET which is an open and scientific research network, the author designs an intrusion defense system especially for IHEPNET

Network Intrusion Dataset Assessment

Science.gov (United States)

2013-03-01

International Conference on Computational Intelligence and Natural Computing, volume 2, pages 413–416, June 2009. • Rung Ching Chen, Kai -Fan Cheng, and...Chia-Fen Hsieh . “Using rough set and support vector machine for network intrusion detection.” International Journal of Network Security & Its...intrusion detection using FP tree rules.” Journal Of Advanced Networking and Applications, 1(1):30–39, 2009. • Ming-Yang Su, Gwo-Jong Yu , and Chun-Yuen

Impacts of security dimensions on awareness measurement in ...

African Journals Online (AJOL)

A big challenge facing Social Networks (SNs) and other organisations has been what to measure when determining the adequacy and effectiveness of awareness programmes. This study defines security dimension as Knowledge, Attitude and Behaviour, and identifies them as the main influencing factors to consider in ...

A Reliable Measure of Information Security Awareness and the Identification of Bias in Responses

Directory of Open Access Journals (Sweden)

Agata McCormac

2017-11-01

Full Text Available The Human Aspects of Information Security Questionnaire (HAIS-Q is designed to measure Information Security Awareness. More specifically, the tool measures an individual’s knowledge, attitude, and self-reported behaviour relating to information security in the workplace. This paper reports on the reliability of the HAIS-Q, including test-retest reliability and internal consistency. The paper also assesses the reliability of three preliminary over-claiming items, designed specifically to complement the HAIS-Q, and identify those individuals who provide socially desirable responses. A total of 197 working Australians completed two iterations of the HAIS-Q and the over-claiming items, approximately 4 weeks apart. Results of the analysis showed that the HAIS-Q was externally reliable and internally consistent. Therefore, the HAIS-Q can be used to reliably measure information security awareness. Reliability testing on the preliminary over-claiming items was not as robust and further development is required and recommended. The implications of these findings mean that organisations can confidently use the HAIS-Q to not only measure the current state of employee information security awareness within their organisation, but they can also measure the effectiveness and impacts of training interventions, information security awareness programs and campaigns. The influence of cultural changes and the effect of security incidents can also be assessed.

Lecture 3: Web Application Security

CERN Multimedia

CERN. Geneva

2013-01-01

Computer security has been an increasing concern for IT professionals for a number of years, yet despite all the efforts, computer systems and networks remain highly vulnerable to attacks of different kinds. Design flaws and security bugs in the underlying software are among the main reasons for this. This lecture focuses on security aspects of Web application development. Various vulnerabilities typical to web applications (such as Cross-site scripting, SQL injection, cross-site request forgery etc.) are introduced and discussed. Sebastian Lopienski is CERN’s deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support servic...

Security Engineering FY17 Systems Aware Cybersecurity

Science.gov (United States)

2017-12-07

Security Engineering – FY17 Systems Aware Cybersecurity Technical Report SERC-2017-TR-114 December 7 2017 Principal Investigator: Dr...December 7, 2017 Copyright © 2017 Stevens Institute of Technology, Systems Engineering Research Center The Systems Engineering Research Center (SERC...supported, in whole or in part, by the U.S. Department of Defense through the Office of the Assistant Secretary of Defense for Research and Engineering (ASD

Robust site security using smart seismic array technology and multi-sensor data fusion

Science.gov (United States)

Hellickson, Dean; Richards, Paul; Reynolds, Zane; Keener, Joshua

2010-04-01

Traditional site security systems are susceptible to high individual sensor nuisance alarm rates that reduce the overall system effectiveness. Visual assessment of intrusions can be intensive and manually difficult as cameras are slewed by the system to non intrusion areas or as operators respond to nuisance alarms. Very little system intrusion performance data are available other than discrete sensor alarm indications that provide no real value. This paper discusses the system architecture, integration and display of a multi-sensor data fused system for wide area surveillance, local site intrusion detection and intrusion classification. The incorporation of a novel seismic array of smart sensors using FK Beamforming processing that greatly enhances the overall system detection and classification performance of the system is discussed. Recent test data demonstrates the performance of the seismic array within several different installations and its ability to classify and track moving targets at significant standoff distances with exceptional immunity to background clutter and noise. Multi-sensor data fusion is applied across a suite of complimentary sensors eliminating almost all nuisance alarms while integrating within a geographical information system to feed a visual-fusion display of the area being secured. Real-time sensor detection and intrusion classification data is presented within a visual-fusion display providing greatly enhanced situational awareness, system performance information and real-time assessment of intrusions and situations of interest with limited security operator involvement. This approach scales from a small local perimeter to very large geographical area and can be used across multiple sites controlled at a single command and control station.

Stochastic Tools for Network Intrusion Detection

OpenAIRE

Yu, Lu; Brooks, Richard R.

2017-01-01

With the rapid development of Internet and the sharp increase of network crime, network security has become very important and received a lot of attention. We model security issues as stochastic systems. This allows us to find weaknesses in existing security systems and propose new solutions. Exploring the vulnerabilities of existing security tools can prevent cyber-attacks from taking advantages of the system weaknesses. We propose a hybrid network security scheme including intrusion detecti...

Academic Training Lecture Regular Programme: Computer Security - Introduction to information and computer security (1/4)

CERN Multimedia

2012-01-01

Computer Security: Introduction to information and computer security (1/4), by Sebastian Lopienski (CERN).   Monday, 21 May, 2012 from 11:00 to 12:00 (Europe/Zurich) at CERN ( 31-3-004 - IT Auditorium ) Sebastian Lopienski is CERN's Deputy Computer Security Officer. He works on security strategy and policies; offers internal consultancy and audit services; develops and maintains security tools for vulnerability assessment and intrusion detection; provides training and awareness raising; and does incident investigation and response. During his work at CERN since 2001, Sebastian has had various assignments, including designing and developing software to manage and support services hosted in the CERN Computer Centre; providing Central CVS Service for software projects at CERN; and development of applications for accelerator controls in Java. He graduated from the University of Warsaw (MSc in Computer Science) in 2002, and earned an MBA degree at the Enterprise Administration Institute in Ai...

Secure Data Flow in a Calculus for Context Awareness

DEFF Research Database (Denmark)

Bucur, Doina; Nielsen, Mogens

2008-01-01

We present a Mobile-Ambients-based process calculus to describe context-aware computing in an infrastructure-based Ubiquitous Computing setting. In our calculus, computing agents can provide and discover contextual information and are owners of security policies. Simple access control to contextual...

A improved Network Security Situation Awareness Model

Directory of Open Access Journals (Sweden)

Li Fangwei

2015-08-01

Full Text Available In order to reflect the situation of network security assessment performance fully and accurately, a new network security situation awareness model based on information fusion was proposed. Network security situation is the result of fusion three aspects evaluation. In terms of attack, to improve the accuracy of evaluation, a situation assessment method of DDoS attack based on the information of data packet was proposed. In terms of vulnerability, a improved Common Vulnerability Scoring System (CVSS was raised and maked the assessment more comprehensive. In terms of node weights, the method of calculating the combined weights and optimizing the result by Sequence Quadratic Program (SQP algorithm which reduced the uncertainty of fusion was raised. To verify the validity and necessity of the method, a testing platform was built and used to test through evaluating 2000 DAPRA data sets. Experiments show that the method can improve the accuracy of evaluation results.

The effectiveness of online gaming as part of a security awareness program

CSIR Research Space (South Africa)

Labuschagne, WA

2014-07-01

Full Text Available the human element whose actions can be considered as erratic and unpredictable thus posing a threat to the security of the organization. Security awareness programs aim to equip users of cyberspace with the necessary knowledge to identify and mitigate...

Application of the JDL data fusion process model for cyber security

Science.gov (United States)

Giacobe, Nicklaus A.

2010-04-01

A number of cyber security technologies have proposed the use of data fusion to enhance the defensive capabilities of the network and aid in the development of situational awareness for the security analyst. While there have been advances in fusion technologies and the application of fusion in intrusion detection systems (IDSs), in particular, additional progress can be made by gaining a better understanding of a variety of data fusion processes and applying them to the cyber security application domain. This research explores the underlying processes identified in the Joint Directors of Laboratories (JDL) data fusion process model and further describes them in a cyber security context.

TH-A-12A-01: Medical Physicist's Role in Digital Information Security: Threats, Vulnerabilities and Best Practices

Energy Technology Data Exchange (ETDEWEB)

McDonald, K [Mayo Clinic, Rochester, MN (United States); Curran, B [The Warren Alpert Medical School of Brown University, Providence, RI (United States)

2014-06-15

I. Information Security Background (Speaker = Kevin McDonald) Evolution of Medical Devices Living and Working in a Hostile Environment Attack Motivations Attack Vectors Simple Safety Strategies Medical Device Security in the News Medical Devices and Vendors Summary II. Keeping Radiation Oncology IT Systems Secure (Speaker = Bruce Curran) Hardware Security Double-lock Requirements “Foreign” computer systems Portable Device Encryption Patient Data Storage System Requirements Network Configuration Isolating Critical Devices Isolating Clinical Networks Remote Access Considerations Software Applications / Configuration Passwords / Screen Savers Restricted Services / access Software Configuration Restriction Use of DNS to restrict accesse. Patches / Upgrades Awareness Intrusion Prevention Intrusion Detection Threat Risk Analysis Conclusion Learning Objectives: Understanding how Hospital IT Requirements affect Radiation Oncology IT Systems. Illustrating sample practices for hardware, network, and software security. Discussing implementation of good IT security practices in radiation oncology. Understand overall risk and threats scenario in a networked environment.

TH-A-12A-01: Medical Physicist's Role in Digital Information Security: Threats, Vulnerabilities and Best Practices

International Nuclear Information System (INIS)

McDonald, K; Curran, B

2014-01-01

I. Information Security Background (Speaker = Kevin McDonald) Evolution of Medical Devices Living and Working in a Hostile Environment Attack Motivations Attack Vectors Simple Safety Strategies Medical Device Security in the News Medical Devices and Vendors Summary II. Keeping Radiation Oncology IT Systems Secure (Speaker = Bruce Curran) Hardware Security Double-lock Requirements “Foreign” computer systems Portable Device Encryption Patient Data Storage System Requirements Network Configuration Isolating Critical Devices Isolating Clinical Networks Remote Access Considerations Software Applications / Configuration Passwords / Screen Savers Restricted Services / access Software Configuration Restriction Use of DNS to restrict accesse. Patches / Upgrades Awareness Intrusion Prevention Intrusion Detection Threat Risk Analysis Conclusion Learning Objectives: Understanding how Hospital IT Requirements affect Radiation Oncology IT Systems. Illustrating sample practices for hardware, network, and software security. Discussing implementation of good IT security practices in radiation oncology. Understand overall risk and threats scenario in a networked environment

A Machine Learning Based Intrusion Impact Analysis Scheme for Clouds

Directory of Open Access Journals (Sweden)

Junaid Arshad

2012-01-01

Full Text Available Clouds represent a major paradigm shift, inspiring the contemporary approach to computing. They present fascinating opportunities to address dynamic user requirements with the provision of on demand expandable computing infrastructures. However, Clouds introduce novel security challenges which need to be addressed to facilitate widespread adoption. This paper is focused on one such challenge - intrusion impact analysis. In particular, we highlight the significance of intrusion impact analysis for the overall security of Clouds. Additionally, we present a machine learning based scheme to address this challenge in accordance with the specific requirements of Clouds for intrusion impact analysis. We also present rigorous evaluation performed to assess the effectiveness and feasibility of the proposed method to address this challenge for Clouds. The evaluation results demonstrate high degree of effectiveness to correctly determine the impact of an intrusion along with significant reduction with respect to the intrusion response time.

The state of the art in intrusion prevention and detection

CERN Document Server

Pathan, Al-Sakib Khan

2013-01-01

The State of the Art in Intrusion Prevention and Detection analyzes the latest trends and issues surrounding intrusion detection systems in computer networks, especially in communications networks. Its broad scope of coverage includes wired, wireless, and mobile networks; next-generation converged networks; and intrusion in social networks.Presenting cutting-edge research, the book presents novel schemes for intrusion detection and prevention. It discusses tracing back mobile attackers, secure routing with intrusion prevention, anomaly detection, and AI-based techniques. It also includes infor

Data Mining for Intrusion Detection

Science.gov (United States)

Singhal, Anoop; Jajodia, Sushil

Data Mining Techniques have been successfully applied in many different fields including marketing, manufacturing, fraud detection and network management. Over the past years there is a lot of interest in security technologies such as intrusion detection, cryptography, authentication and firewalls. This chapter discusses the application of Data Mining techniques to computer security. Conclusions are drawn and directions for future research are suggested.

Intrusion detection techniques for plant-wide network in a nuclear power plant

International Nuclear Information System (INIS)

Rajasekhar, P.; Shrikhande, S.V.; Biswas, B.B.; Patil, R.K.

2012-01-01

Nuclear power plants have a lot of critical data to be sent to the operator workstations. A plant wide integrated communication network, with high throughput, determinism and redundancy, is required between the workstations and the field. Switched Ethernet network is a promising prospect for such an integrated communication network. But for such an integrated system, intrusion is a major issue. Hence the network should have an intrusion detection system to make the network data secure and enhance the network availability. Intrusion detection is the process of monitoring the events occurring in a network and analyzing them for signs of possible incidents, which are violations or imminent threats of violation of network security policies, acceptable user policies, or standard security practices. This paper states the various intrusion detection techniques and approaches which are applicable for analysis of a plant wide network. (author)

An intrusion detection system based on fiber hydrophone

Science.gov (United States)

Liu, Junrong; Qiu, Xiufen; Shen, Heping

2017-10-01

This paper provides a new intrusion detection system based on fiber hydrophone, focusing beam forming figure positioning according to the near field and high precision sound source location algorithm which can accurately position the intrusion; obtaining its behavior path , obtaining the intrusion events related information such as speed form tracking intrusion trace; And analyze identification the detected intrusion behavior. If the monitor area is larger, the algorithm will take too much time once, and influence the system response time, for reduce the calculating time. This paper provides way that coarse location first, and then scanned for accuracy, so as to realize the intrusion events (such as car, etc.) the remote monitoring of positioning. The system makes up the blank in process capture of the fiber optic intrusion detection technology, and improves the understanding of the invasion. Through the capture of the process of intrusion behavior, and the fusion detection of intrusion behavior itself, thus analysis, judgment, identification of the intrusion information can greatly reduce the rate of false positives, greatly improved the reliability and practicability of the perimeter security system.

Exploring machine-learning-based control plane intrusion detection techniques in software defined optical networks

Science.gov (United States)

Zhang, Huibin; Wang, Yuqiao; Chen, Haoran; Zhao, Yongli; Zhang, Jie

2017-12-01

In software defined optical networks (SDON), the centralized control plane may encounter numerous intrusion threatens which compromise the security level of provisioned services. In this paper, the issue of control plane security is studied and two machine-learning-based control plane intrusion detection techniques are proposed for SDON with properly selected features such as bandwidth, route length, etc. We validate the feasibility and efficiency of the proposed techniques by simulations. Results show an accuracy of 83% for intrusion detection can be achieved with the proposed machine-learning-based control plane intrusion detection techniques.

Capability for intrusion detection at nuclear fuel sites

International Nuclear Information System (INIS)

1978-03-01

A safeguards vulnerability assessment was conducted at three separate licensed nuclear processing facilities. Emphasis was placed on: (1) performance of the total intrusion detection system, and (2) vulnerability of the system to compromise by insiders. The security guards were interviewed to evaluate their effectiveness in executing their duties in accordance with the plant's security plan and to assess their knowledge regarding the operation of the security equipment. A review of the training schedule showed that the guards, along with the other plant employees, are required to periodically attend in-plant training sessions. The vulnerability assessments continued with interviews of the personnel responsible for maintaining the security equipment, with discussions of detector false alarm and maintenance problems. The second part of the vulnerability assessments was to evaluate the effectiveness of the intrusion detection systems including the interior and the perimeter sensors, CCTV surveillance devices and the exterior lighting. Two types of perimeter detectors are used at the sites, a fence disturbance sensor and an infrared barrier type detector. Infrared barrier type detectors have a higher probability of detection, especially in conjunction with dedicated CCTV cameras. The exterior lights satisfy the 0.2 footcandle illumination requirement. The interior intrusion detection systems included ultrasonic motion detectors, microwave motion detectors,balanced magnetic switches, and CCTV cameras. Entrance doors to the materials access areas and vital areas are protected with balanced magnetic switches. The interior intrusion detection systems at the three nuclear processing sites are considered satisfactory with the exception of the areas protected with ultrasonic motion detectors

INDUSTRIAL CONTROL SYSTEM CYBER SECURITY: QUESTIONS AND ANSWERS RELEVANT TO NUCLEAR FACILITIES, SAFEGUARDS AND SECURITY

Energy Technology Data Exchange (ETDEWEB)

Robert S. Anderson; Mark Schanfein; Trond Bjornard; Paul Moskowitz

2011-07-01

Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

Industrial Control System Cyber Security: Questions And Answers Relevant To Nuclear Facilities, Safeguards And Security

International Nuclear Information System (INIS)

Anderson, Robert S.; Schanfein, Mark; Bjornard, Trond; Moskowitz, Paul

2011-01-01

Typical questions surrounding industrial control system (ICS) cyber security always lead back to: What could a cyber attack do to my system(s) and; how much should I worry about it? These two leading questions represent only a fraction of questions asked when discussing cyber security as it applies to any program, company, business, or organization. The intent of this paper is to open a dialog of important pertinent questions and answers that managers of nuclear facilities engaged in nuclear facility security and safeguards should examine, i.e., what questions should be asked; and how do the answers affect an organization's ability to effectively safeguard and secure nuclear material. When a cyber intrusion is reported, what does that mean? Can an intrusion be detected or go un-noticed? Are nuclear security or safeguards systems potentially vulnerable? What about the digital systems employed in process monitoring, and international safeguards? Organizations expend considerable efforts to ensure that their facilities can maintain continuity of operations against physical threats. However, cyber threats particularly on ICSs may not be well known or understood, and often do not receive adequate attention. With the disclosure of the Stuxnet virus that has recently attacked nuclear infrastructure, many organizations have recognized the need for an urgent interest in cyber attacks and defenses against them. Several questions arise including discussions about the insider threat, adequate cyber protections, program readiness, encryption, and many more. These questions, among others, are discussed so as to raise the awareness and shed light on ways to protect nuclear facilities and materials against such attacks.

Activating attachment representations during memory retrieval modulates intrusive traumatic memories.

Science.gov (United States)

Bryant, Richard A; Chan, Iris

2017-10-01

Although priming mental representations of attachment security reduces arousal, research has not examined the effect of attachment on the retrieval of emotionally arousing memories. This study investigated the effect of priming attachment security on the retrieval of emotional memories. Seventy-five participants viewed negative and neutral images, and two days later received either an attachment prime or a control prime immediately prior to free recall of the images. Two days later, participants reported how frequently they experienced intrusions of the negative images. The attachment group had less distress, and reported fewer subsequent intrusions than the control group. Attachment style moderated these effects such that individuals with an avoidant attachment style were not impacted by the attachment prime. These findings suggest that priming attachment security decreases distress during memory reactivation, and this may reduce subsequent intrusive memories. Copyright © 2017 Elsevier Inc. All rights reserved.

Computational neural network regression model for Host based Intrusion Detection System

Directory of Open Access Journals (Sweden)

Sunil Kumar Gautam

2016-09-01

Full Text Available The current scenario of information gathering and storing in secure system is a challenging task due to increasing cyber-attacks. There exists computational neural network techniques designed for intrusion detection system, which provide security to single machine and entire network's machine. In this paper, we have used two types of computational neural network models, namely, Generalized Regression Neural Network (GRNN model and Multilayer Perceptron Neural Network (MPNN model for Host based Intrusion Detection System using log files that are generated by a single personal computer. The simulation results show correctly classified percentage of normal and abnormal (intrusion class using confusion matrix. On the basis of results and discussion, we found that the Host based Intrusion Systems Model (HISM significantly improved the detection accuracy while retaining minimum false alarm rate.

Measuring the Effect of Using Simulated Security Awareness Training and Testing on Members of Virtual Communities of Practice

Directory of Open Access Journals (Sweden)

Craig L. Tidwell

2010-12-01

Full Text Available Information security (Infosec has become a major challenge for all private and public organizations. The protecting of proprietary and secret data and the proper awareness of what is entailed in protecting this data is necessary in all organizations. How does simulation and training influence virtual communities of practice information security awareness over time and with a variety of security scenarios. Can members of a virtual community be significantly changed in how they respond to routine security processes and attempts to breach security or violate the security policy of their organization? How does deterrence play a role in this prevention and education? A study is planned that will train and test users of a virtual community of practice over a 3 month period of time, via a web interface, and using simulated events, to see if the planned security awareness training will be effective in changing their responses to the events and further testing.

Security Awareness in Software-Defined Multi-Domain 5G Networks

Directory of Open Access Journals (Sweden)

Jani Suomalainen

2018-03-01

Full Text Available Fifth generation (5G technologies will boost the capacity and ease the management of mobile networks. Emerging virtualization and softwarization technologies enable more flexible customization of network services and facilitate cooperation between different actors. However, solutions are needed to enable users, operators, and service providers to gain an up-to-date awareness of the security and trustworthiness of 5G systems. We describe a novel framework and enablers for security monitoring, inferencing, and trust measuring. The framework leverages software-defined networking and big data technologies to customize monitoring for different applications. We present an approach for sharing security measurements across administrative domains. We describe scenarios where the correlation of multi-domain information improves the accuracy of security measures with respect to two threats: end-user location tracking and Internet of things (IoT authentication storms. We explore the security characteristics of data flows in software networks dedicated to different applications with a mobile network testbed.

A new intrusion prevention model using planning knowledge graph

Science.gov (United States)

Cai, Zengyu; Feng, Yuan; Liu, Shuru; Gan, Yong

2013-03-01

Intelligent plan is a very important research in artificial intelligence, which has applied in network security. This paper proposes a new intrusion prevention model base on planning knowledge graph and discuses the system architecture and characteristics of this model. The Intrusion Prevention based on plan knowledge graph is completed by plan recognition based on planning knowledge graph, and the Intrusion response strategies and actions are completed by the hierarchical task network (HTN) planner in this paper. Intrusion prevention system has the advantages of intelligent planning, which has the advantage of the knowledge-sharing, the response focused, learning autonomy and protective ability.

User Modelling Validation over the Security Awareness of Digital Natives

Directory of Open Access Journals (Sweden)

Vasileios Gkioulos

2017-07-01

Full Text Available Young generations make extensive use of mobile devices, such as smart-phones, tablets and laptops, for a variety of daily tasks with potentially critical impact, while the number of security breaches via portable devices increases exponentially. A plethora of security risks associated with these devices are induced by design shortcomings and vulnerabilities related to user behavior. Therefore, deploying suitable risk treatments requires the investigation of how security experts perceive the digital natives (young people, born in the digital era, when utilizing their user behavior models in the design and analysis of related systems. In this article, we present the results of a survey performed across a multinational sample of security professionals, in comparison to our earlier study over the security awareness of digital natives. Through this study, we seek to identify divergences between user behavior and the conceptual user-models that security experts utilise in their professional tasks. Our results indicate that the experts understanding over the user behaviour does not follow a solidified user-model, while influences from personal perceptions and randomness are also noticeable.

Social Security Measures for Elderly Population in Delhi, India: Awareness, Utilization and Barriers.

Science.gov (United States)

Kohli, Charu; Gupta, Kalika; Banerjee, Bratati; Ingle, Gopal Krishna

2017-05-01

World population of elderly is increasing at a fast pace. The number of elderly in India has increased by 54.77% in the last 15 years. A number of social security measures have been taken by Indian government. To assess awareness, utilization and barriers faced while utilizing social security schemes by elderly in a secondary care hospital situated in a rural area in Delhi, India. A cross-sectional study was conducted among 360 individuals aged 60 years and above in a secondary care hospital situated in a rural area in Delhi. A pre-tested, semi-structured schedule prepared in local language was used. Data was analysed using SPSS software (version 17.0). Chi-square test was used to observe any statistical association between categorical variables. The results were considered statistically significant if p-value was less than 0.05. A majority of study subjects were females (54.2%), Hindu (89.7%), married (60.3%) and were not engaged in any occupation (82.8%). Awareness about Indira Gandhi National Old Age Pension Scheme (IGNOAPS) was present among 286 (79.4%) and Annapurna scheme in 193 (53.6%) subjects. Among 223 subjects who were below poverty line, 179 (80.3%) were aware of IGNOAPS; while, 112 (50.2%) were utilizing the scheme. There was no association of awareness with education status, occupation, religion, family type, marital status and caste (p>0.05). Corruption and tedious administrative formalities were major barriers reported. Awareness generation, provision of information on how to approach the concerned authority for utilizing the scheme and ease of administrative procedures should be an integral part of any social security scheme or measure. In the present study, about 79.4% of elderly were aware and 45% of the eligible subjects were utilizing pension scheme. Major barriers reported in utilization of schemes were corruption and tedious administrative procedures.

A Frequency-Based Approach to Intrusion Detection

Directory of Open Access Journals (Sweden)

Mian Zhou

2004-06-01

Full Text Available Research on network security and intrusion detection strategies presents many challenging issues to both theoreticians and practitioners. Hackers apply an array of intrusion and exploit techniques to cause disruption of normal system operations, but on the defense, firewalls and intrusion detection systems (IDS are typically only effective in defending known intrusion types using their signatures, and are far less than mature when faced with novel attacks. In this paper, we adapt the frequency analysis techniques such as the Discrete Fourier Transform (DFT used in signal processing to the design of intrusion detection algorithms. We demonstrate the effectiveness of the frequency-based detection strategy by running synthetic network intrusion data in simulated networks using the OPNET software. The simulation results indicate that the proposed intrusion detection strategy is effective in detecting anomalous traffic data that exhibit patterns over time, which include several types of DOS and probe attacks. The significance of this new strategy is that it does not depend on the prior knowledge of attack signatures, thus it has the potential to be a useful supplement to existing signature-based IDS and firewalls.

Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.

Directory of Open Access Journals (Sweden)

Min-Joo Kang

Full Text Available A novel intrusion detection system (IDS using a deep neural network (DNN is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN, therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN bus.

Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security.

Science.gov (United States)

Kang, Min-Joo; Kang, Je-Won

2016-01-01

A novel intrusion detection system (IDS) using a deep neural network (DNN) is proposed to enhance the security of in-vehicular network. The parameters building the DNN structure are trained with probability-based feature vectors that are extracted from the in-vehicular network packets. For a given packet, the DNN provides the probability of each class discriminating normal and attack packets, and, thus the sensor can identify any malicious attack to the vehicle. As compared to the traditional artificial neural network applied to the IDS, the proposed technique adopts recent advances in deep learning studies such as initializing the parameters through the unsupervised pre-training of deep belief networks (DBN), therefore improving the detection accuracy. It is demonstrated with experimental results that the proposed technique can provide a real-time response to the attack with a significantly improved detection ratio in controller area network (CAN) bus.

Introduction: Situation Awareness, Systems of Systems, and Maritime Safety and Security

NARCIS (Netherlands)

Tretmans, G.J.; Laar, P.J.L.J. van de

2013-01-01

This book presents and discusses various challenges and solutions for developing systems-of-systems for attaining situation awareness, with applications in the domain of maritime safety and security. This chapter introduces the book, describes the Dutch research project Poseidon from which it

NIST Special Publication on Intrusion Detection Systems

National Research Council Canada - National Science Library

Bace, Rebecca Gurley

2001-01-01

Intrusion detection systems (IDSs) are software or hardware systems that automate the process of monitoring the events occurring in a computer system or network, analyzing them for signs of security problems...

An armored-cable-based fiber Bragg grating sensor array for perimeter fence intrusion detection

Science.gov (United States)

Hao, Jianzhong; Dong, Bo; Varghese, Paulose; Phua, Jiliang; Foo, Siang Fook

2012-01-01

In this paper, an armored-cable-based optical fiber Bragg grating (FBG) sensor array, for perimeter fence intrusion detection, is demonstrated and some of the field trial results are reported. The field trial was conducted at a critical local installation in Singapore in December 2010. The sensor array was put through a series of both simulated and live intrusion scenarios to test the stability and suitability of operation in the local environmental conditions and to determine its capabilities in detecting and reporting these intrusions accurately to the control station. Such a sensor array can provide perimeter intrusion detection with fine granularity and preset pin-pointing accuracy. The various types of intrusions included aided or unaided climbs, tampering and cutting of the fence, etc. The unique sensor packaging structure provides high sensitivity, crush resistance and protection against rodents. It is also capable of resolving nuisance events such as rain, birds sitting on the fence or seismic vibrations. These sensors are extremely sensitive with a response time of a few seconds. They can be customized for a desired spatial resolution and pre-determined sensitivity. Furthermore, it is easy to cascade a series of such sensors to monitor and detect intrusion events over a long stretch of fence line. Such sensors can be applied to real-time intrusion detection for perimeter security, pipeline security and communications link security.

Resilient Control and Intrusion Detection for SCADA Systems

Science.gov (United States)

2014-05-01

Lowe. The myths and facts behind cyber security risks for industrial control systems . VDE Congress, 2004. [45] I. S. C37.1-1994. Ieee standard...Resilient Control and Intrusion Detection for SCADA Systems Bonnie Xia Zhu Electrical Engineering and Computer Sciences University of California at...3. DATES COVERED 00-00-2014 to 00-00-2014 4. TITLE AND SUBTITLE Resilient Control and Intrusion Detection for SCADA Systems 5a. CONTRACT

A SURVEY OF URBAN PEOPLE AWARENESS ABOUT NEW INDIAN CURRENCY SECURITY FEATURES AFTER DEMONETIZATION

OpenAIRE

Mr. Rajeev & Mr. Dhirender

2017-01-01

Use of currency notes is increasing year by year and so does risk of its holders.It has become need of hour for every country to make its currency difficult to counterfeit.Security features and security printing are the only solution for this problem.Security features not only prevent duplicacyof notes but also save the poor citizens from possible financial loss.This survey work was carried out to understand the awareness level about security features in new currency notes because relevancy o...

Evaluation of of μ-controller PIR Intrusion Detector | Eludire | West ...

African Journals Online (AJOL)

When there is intrusion, a piezo speaker beeps and also a visual indicator with light emitting diode blinks to indicate intrusion. For security, cost effectiveness and access control to certain areas of homes, offices and industries this system is a better replacement to human surveillance needed around our valuable goods and ...

Enhancing Cyber Security for SME organizations through self-assessments : How self-assessment raises awareness

OpenAIRE

Hassinen, Tarmo

2017-01-01

This thesis primarily studied the importance of self-assessment in increasing business organizations’ cyber security awareness of their ICT environment. The secondary studied item was the relevance of self-assessment in detecting new business potential while understanding ICT environment changes. The self-assessment is based on FINCS, the Finnish basic level cyber security certificate launched in December 2016. FINCSC consists of physical and management security, ICT service and system securi...

Defining the e-learner’s security profile: Towards awareness ...

Indian Academy of Sciences (India)

Marjan Milošević

open source learning content management system [22]. A .... of security agent that would ''do a real job''. Usersecurity is a structure ... which then use appropriate awareness resource to deliver content to ..... Int. J. Human-Comput. Stud. 72(12):.

Human Factors in Coast Guard Computer Security - An Analysis of Current Awareness and Potential Techniques to Improve Security Program Viability

National Research Council Canada - National Science Library

Whalen, Timothy

2001-01-01

.... This thesis attempts to identify both the susceptibility of Coast Guard information systems to human factors-based security risks and possible means for increasing user awareness of those risks...

Neural Network Based Intrusion Detection System for Critical Infrastructures

Energy Technology Data Exchange (ETDEWEB)

Todd Vollmer; Ondrej Linda; Milos Manic

2009-07-01

Resiliency and security in control systems such as SCADA and Nuclear plant’s in today’s world of hackers and malware are a relevant concern. Computer systems used within critical infrastructures to control physical functions are not immune to the threat of cyber attacks and may be potentially vulnerable. Tailoring an intrusion detection system to the specifics of critical infrastructures can significantly improve the security of such systems. The IDS-NNM – Intrusion Detection System using Neural Network based Modeling, is presented in this paper. The main contributions of this work are: 1) the use and analyses of real network data (data recorded from an existing critical infrastructure); 2) the development of a specific window based feature extraction technique; 3) the construction of training dataset using randomly generated intrusion vectors; 4) the use of a combination of two neural network learning algorithms – the Error-Back Propagation and Levenberg-Marquardt, for normal behavior modeling. The presented algorithm was evaluated on previously unseen network data. The IDS-NNM algorithm proved to be capable of capturing all intrusion attempts presented in the network communication while not generating any false alerts.

Anomaly-based intrusion detection for SCADA systems

International Nuclear Information System (INIS)

Yang, D.; Usynin, A.; Hines, J. W.

2006-01-01

Most critical infrastructure such as chemical processing plants, electrical generation and distribution networks, and gas distribution is monitored and controlled by Supervisory Control and Data Acquisition Systems (SCADA. These systems have been the focus of increased security and there are concerns that they could be the target of international terrorists. With the constantly growing number of internet related computer attacks, there is evidence that our critical infrastructure may also be vulnerable. Researchers estimate that malicious online actions may cause $75 billion at 2007. One of the interesting countermeasures for enhancing information system security is called intrusion detection. This paper will briefly discuss the history of research in intrusion detection techniques and introduce the two basic detection approaches: signature detection and anomaly detection. Finally, it presents the application of techniques developed for monitoring critical process systems, such as nuclear power plants, to anomaly intrusion detection. The method uses an auto-associative kernel regression (AAKR) model coupled with the statistical probability ratio test (SPRT) and applied to a simulated SCADA system. The results show that these methods can be generally used to detect a variety of common attacks. (authors)

Network Intrusion Detection through Stacking Dilated Convolutional Autoencoders

Directory of Open Access Journals (Sweden)

Yang Yu

2017-01-01

Full Text Available Network intrusion detection is one of the most important parts for cyber security to protect computer systems against malicious attacks. With the emergence of numerous sophisticated and new attacks, however, network intrusion detection techniques are facing several significant challenges. The overall objective of this study is to learn useful feature representations automatically and efficiently from large amounts of unlabeled raw network traffic data by using deep learning approaches. We propose a novel network intrusion model by stacking dilated convolutional autoencoders and evaluate our method on two new intrusion detection datasets. Several experiments were carried out to check the effectiveness of our approach. The comparative experimental results demonstrate that the proposed model can achieve considerably high performance which meets the demand of high accuracy and adaptability of network intrusion detection systems (NIDSs. It is quite potential and promising to apply our model in the large-scale and real-world network environments.

RIDES: Robust Intrusion Detection System for IP-Based Ubiquitous Sensor Networks.

Science.gov (United States)

Amin, Syed Obaid; Siddiqui, Muhammad Shoaib; Hong, Choong Seon; Lee, Sungwon

2009-01-01

The IP-based Ubiquitous Sensor Network (IP-USN) is an effort to build the "Internet of things". By utilizing IP for low power networks, we can benefit from existing well established tools and technologies of IP networks. Along with many other unresolved issues, securing IP-USN is of great concern for researchers so that future market satisfaction and demands can be met. Without proper security measures, both reactive and proactive, it is hard to envisage an IP-USN realm. In this paper we present a design of an IDS (Intrusion Detection System) called RIDES (Robust Intrusion DEtection System) for IP-USN. RIDES is a hybrid intrusion detection system, which incorporates both Signature and Anomaly based intrusion detection components. For signature based intrusion detection this paper only discusses the implementation of distributed pattern matching algorithm with the help of signature-code, a dynamically created attack-signature identifier. Other aspects, such as creation of rules are not discussed. On the other hand, for anomaly based detection we propose a scoring classifier based on the SPC (Statistical Process Control) technique called CUSUM charts. We also investigate the settings and their effects on the performance of related parameters for both of the components.

AANtID: an alternative approach to network intrusion detection ...

African Journals Online (AJOL)

Journal of Computer Science and Its Application ... Security has become not just a feature of an information system, but the core and a necessity especially the systems that communicate and transmit data over the Internet for they are more ... Keywords: Intrusion, Genetic Algorithm, detection, Security, DARPA dataset ...

How Intrusion Detection Can Improve Software Decoy Applications

National Research Council Canada - National Science Library

Monteiro, Valter

2003-01-01

This research concerns information security and computer-network defense. It addresses how to handle the information of log files and intrusion-detection systems to recognize when a system is under attack...

A Partially Distributed Intrusion Detection System for Wireless Sensor Networks

Directory of Open Access Journals (Sweden)

Eung Jun Cho

2013-11-01

Full Text Available The increasing use of wireless sensor networks, which normally comprise several very small sensor nodes, makes their security an increasingly important issue. They can be practically and efficiently secured using intrusion detection systems. Conventional security mechanisms are not usually applicable due to the sensor nodes having limitations of computational power, memory capacity, and battery power. Therefore, specific security systems should be designed to function under constraints of energy or memory. A partially distributed intrusion detection system with low memory and power demands is proposed here. It employs a Bloom filter, which allows reduced signature code size. Multiple Bloom filters can be combined to reduce the signature code for each Bloom filter array. The mechanism could then cope with potential denial of service attacks, unlike many previous detection systems with Bloom filters. The mechanism was evaluated and validated through analysis and simulation.

Use of behavioral biometrics in intrusion detection and online gaming

Science.gov (United States)

Yampolskiy, Roman V.; Govindaraju, Venu

2006-04-01

Behavior based intrusion detection is a frequently used approach for insuring network security. We expend behavior based intrusion detection approach to a new domain of game networks. Specifically, our research shows that a unique behavioral biometric can be generated based on the strategy used by an individual to play a game. We wrote software capable of automatically extracting behavioral profiles for each player in a game of Poker. Once a behavioral signature is generated for a player, it is continuously compared against player's current actions. Any significant deviations in behavior are reported to the game server administrator as potential security breaches. Our algorithm addresses a well-known problem of user verification and can be re-applied to the fields beyond game networks, such as operating systems and non-game networks security.

Implementation of SNS Model for Intrusion Prevention in Wireless Local Area Network

DEFF Research Database (Denmark)

Isah, Abdullahi

The thesis has proposed and implemented a so-called SNS (Social network security) model for intrusion prevention in the Wireless Local Area Network of an organization. An experimental design was used to implement and test the model at a university in Nigeria.......The thesis has proposed and implemented a so-called SNS (Social network security) model for intrusion prevention in the Wireless Local Area Network of an organization. An experimental design was used to implement and test the model at a university in Nigeria....

A Study of Security Awareness Information Delivery within the Defense Intelligence Community

Science.gov (United States)

Krasley, Paul F.

2011-01-01

Due to limited resources and inconsistent guidance from the U.S. Federal Government, Department of Defense, and multiple environments within the intelligence community, the defense intelligence agencies each developed their own methods to deliver security awareness information. These multiple delivery methods may be providing different levels of…

National Plan to Achieve Maritime Domain Awareness for the National Strategy for Maritime Security

National Research Council Canada - National Science Library

2005-01-01

Maritime Domain Awareness (MDA) is the effective understanding of anything associated with the global maritime domain that could impact the security, safety, economy, or environment of the United States...

Access Control from an Intrusion Detection Perspective

NARCIS (Netherlands)

Nunes Leal Franqueira, V.

Access control and intrusion detection are essential components for securing an organization's information assets. In practice, these components are used in isolation, while their fusion would contribute to increase the range and accuracy of both. One approach to accomplish this fusion is the

RIDES: Robust Intrusion Detection System for IP-Based Ubiquitous Sensor Networks

Directory of Open Access Journals (Sweden)

Sungwon Lee

2009-05-01

Full Text Available TheIP-based Ubiquitous Sensor Network (IP-USN is an effort to build the “Internet of things”. By utilizing IP for low power networks, we can benefit from existing well established tools and technologies of IP networks. Along with many other unresolved issues, securing IP-USN is of great concern for researchers so that future market satisfaction and demands can be met. Without proper security measures, both reactive and proactive, it is hard to envisage an IP-USN realm. In this paper we present a design of an IDS (Intrusion Detection System called RIDES (Robust Intrusion DEtection System for IP-USN. RIDES is a hybrid intrusion detection system, which incorporates both Signature and Anomaly based intrusion detection components. For signature based intrusion detection this paper only discusses the implementation of distributed pattern matching algorithm with the help of signature-code, a dynamically created attack-signature identifier. Other aspects, such as creation of rules are not discussed. On the other hand, for anomaly based detection we propose a scoring classifier based on the SPC (Statistical Process Control technique called CUSUM charts. We also investigate the settings and their effects on the performance of related parameters for both of the components.

A Survey on Anomaly Based Host Intrusion Detection System

Science.gov (United States)

Jose, Shijoe; Malathi, D.; Reddy, Bharath; Jayaseeli, Dorathi

2018-04-01

An intrusion detection system (IDS) is hardware, software or a combination of two, for monitoring network or system activities to detect malicious signs. In computer security, designing a robust intrusion detection system is one of the most fundamental and important problems. The primary function of system is detecting intrusion and gives alerts when user tries to intrusion on timely manner. In these techniques when IDS find out intrusion it will send alert massage to the system administrator. Anomaly detection is an important problem that has been researched within diverse research areas and application domains. This survey tries to provide a structured and comprehensive overview of the research on anomaly detection. From the existing anomaly detection techniques, each technique has relative strengths and weaknesses. The current state of the experiment practice in the field of anomaly-based intrusion detection is reviewed and survey recent studies in this. This survey provides a study of existing anomaly detection techniques, and how the techniques used in one area can be applied in another application domain.

STUDY ON COMPANY SECURITY POLICIES FROM DIGITAL MEDIA

Directory of Open Access Journals (Sweden)

CRISTINA-MARIA RĂDULESCU

2015-12-01

Full Text Available The Internet development has brought both new opportunities and risks for either retailers or consumers. For example, electronic commerce is much faster and less expensive, but this openness makes it difficult to secure. People are aware of the fact that online businesses collecting, process and distribute enormous amounts of personal data and therefore, are concerned about their unauthorized use or their use in other purposes than intended by third parties in order to gain unauthorized access to them. There are more examples of cyber criminal activities, such as: hacking, software piracy, passwords attack, service prohibition attacks, scamming, etc. Such fears led to the editing of protection policies meant to secure personal data and to develop some mechanisms to ensure the reliability and confidentiality of electronic information. Security measures include access control devices, installation of firewalls and intrusion detection devices, of some security procedures to identify and authenticate authorized users of network systems. Such mechanisms constitute the core of this study. We will also analyze security and confidentiality policy of personal data of Google Inc.

A Quantitative Study on Japanese Internet User's Awareness to Information Security: Necessity and Importance of Education and Policy

OpenAIRE

Toshihiko Takemura; Atsushi Umino

2009-01-01

In this paper, the authors examine whether or not there Institute for Information and Communications Policy shows are differences of Japanese Internet users awareness to information security based on individual attributes by using analysis of variance based on non-parametric method. As a result, generally speaking, it is found that Japanese Internet users' awareness to information security is different by individual attributes. Especially, the authors verify that the users who received the in...

Waste Management Policy Framework to Mitigate Terrorist Intrusion Activities

International Nuclear Information System (INIS)

Redus, Kenneth S.

2003-01-01

A policy-directed framework is developed to support US Department of Energy (DOE) counterterrorism efforts, specifically terrorist intrusion activities that affect of Environmental Management (EM) programs. The framework is called the Security Effectiveness and Resource Allocation Definition Forecasting and Control System (SERAD-FACS). Use of SERAD-FACS allows trade-offs between resources, technologies, risk, and Research and Development (R and D) efforts to mitigate such intrusion attempts. Core to SERAD-FACS is (1) the understanding the perspectives and time horizons of key decisionmakers and organizations, (2) a determination of site vulnerabilities and accessibilities, and (3) quantifying the measures that describe the risk associated with a compromise of EM assets. The innovative utility of SERAD-FACS is illustrated for three integrated waste management and security strategies. EM program risks, time delays, and security for effectiveness are examined to demonstrate the significant cost and schedule impact terrorist activities can have on cleanup efforts in the DOE complex

Intrusion Detection amp Prevention Systems - Sourcefire Snort

Directory of Open Access Journals (Sweden)

Rajesh Vuppala

2015-08-01

Full Text Available Information security is a challenging issue for all business organizations today amidst increasing cyber threats. While there are many alternative intrusion detection amp prevention systems available to choose from selecting the best solution to implement to detect amp prevent cyber-attacks is a difficult task. The best solution is of the one that gets the best reviews and suits the organizations needs amp budget. In this review paper we summarize various classes of intrusion detection and prevention systems compare features of alternative solutions and make recommendation for implementation of one as the best solution for business organization in Fiji.

Intrusion detection system using Online Sequence Extreme Learning Machine (OS-ELM) in advanced metering infrastructure of smart grid.

Science.gov (United States)

Li, Yuancheng; Qiu, Rixuan; Jing, Sitong

2018-01-01

Advanced Metering Infrastructure (AMI) realizes a two-way communication of electricity data through by interconnecting with a computer network as the core component of the smart grid. Meanwhile, it brings many new security threats and the traditional intrusion detection method can't satisfy the security requirements of AMI. In this paper, an intrusion detection system based on Online Sequence Extreme Learning Machine (OS-ELM) is established, which is used to detecting the attack in AMI and carrying out the comparative analysis with other algorithms. Simulation results show that, compared with other intrusion detection methods, intrusion detection method based on OS-ELM is more superior in detection speed and accuracy.

Smart sensor systems for outdoor intrusion detection

International Nuclear Information System (INIS)

Lynn, J.K.

1988-01-01

A major improvement in outdoor perimeter security system probability of detection (PD) and reduction in false alarm rate (FAR) and nuisance alarm rate (NAR) may be obtained by analyzing the indications immediately preceding an event which might be interpreted as an intrusion. Existing systems go into alarm after crossing a threshold. Very slow changes, which accumulate until the threshold is reached, may be assessed falsely as an intrusion. A hierarchial program has begun at Stellar to develop a modular, expandable Smart Sensor system which may be interfaced to most types of sensor and alarm reporting systems. A major upgrade to the SSI Test Site is in progress so that intrusions may be simulated in a controlled and repeatable manner. A test platform is being constructed which will operate in conduction with a mobile instrumentation center with CCTVB, lighting control, weather and data monitoring and remote control of the test platform and intrusion simulators. Additional testing was contracted with an independent test facility to assess the effects of severe winter weather conditions

Revisiting Anomaly-based Network Intrusion Detection Systems

NARCIS (Netherlands)

Bolzoni, D.

2009-01-01

Intrusion detection systems (IDSs) are well-known and widely-deployed security tools to detect cyber-attacks and malicious activities in computer systems and networks. A signature-based IDS works similar to anti-virus software. It employs a signature database of known attacks, and a successful match

Measuring the Effectiveness of Visual Analytics and Data Fusion Techniques on Situation Awareness in Cyber-Security

Science.gov (United States)

Giacobe, Nicklaus A.

2013-01-01

Cyber-security involves the monitoring a complex network of inter-related computers to prevent, identify and remediate from undesired actions. This work is performed in organizations by human analysts. These analysts monitor cyber-security sensors to develop and maintain situation awareness (SA) of both normal and abnormal activities that occur on…

Testing Situation Awareness Network for the Electrical Power Infrastructure

Directory of Open Access Journals (Sweden)

Rafał Leszczyna

2016-09-01

Full Text Available The contemporary electrical power infrastructure is exposed to new types of threats. The cause of such threats is related to the large number of new vulnerabilities and architectural weaknesses introduced by the extensive use of Information and communication Technologies (ICT in such complex critical systems. The power grid interconnection with the Internet exposes the grid to new types of attacks, such as Advanced Persistent Threats (APT or Distributed-Denial-ofService (DDoS attacks. When addressing this situation the usual cyber security technologies are prerequisite, but not sufficient. To counter evolved and highly sophisticated threats such as the APT or DDoS, state-of-the-art technologies including Security Incident and Event Management (SIEM systems, extended Intrusion Detection/Prevention Systems (IDS/IPS and Trusted Platform Modules (TPM are required. Developing and deploying extensive ICT infrastructure that supports wide situational awareness and allows precise command and control is also necessary. In this paper the results of testing the Situational Awareness Network (SAN designed for the energy sector are presented. The purpose of the tests was to validate the selection of SAN components and check their operational capability in a complex test environment. During the tests’ execution appropriate interaction between the components was verified.

DETERMINATION OF CYBER SECURITY AWARENESS OF PUBLIC EMPLOYEES AND CONSCIOUSNESS-RISING SUGGESTIONS

Directory of Open Access Journals (Sweden)

Huseyin Kuru

2016-07-01

Full Text Available The aim of this study is to measure Turkish government employees’ awareness of cyber security and cyber space elements. Participants were 71 Turkish public employees working for various ministries. Both qualitative and quantitative research methods were used to get the most detailed information from the participants. A survey was administered to cyber security officers in chosen state institutions. For qualitative research, open-ended questions were administered to the participants. Reliability and validity issues were established for both surveys. Results show that employees have enough information about cyber security and cyber warfare. Findings clearly suggests that cyber defense policy should be planned in coordination with other state institutions and experiences should be shared. In order to create feasible and realistic cyber security policy at institutional level, experts at cyber security must be trained, hired and help must be requested from specialized individuals and institutions. This study recommends that rapid reaction teams (RRT should be established to take care of cyber systems, to react against cyber breaches in time, to alert staff for cyber-attacks in order to establish effective recovery.

Intrusion detection system using Online Sequence Extreme Learning Machine (OS-ELM in advanced metering infrastructure of smart grid.

Directory of Open Access Journals (Sweden)

Yuancheng Li

Full Text Available Advanced Metering Infrastructure (AMI realizes a two-way communication of electricity data through by interconnecting with a computer network as the core component of the smart grid. Meanwhile, it brings many new security threats and the traditional intrusion detection method can't satisfy the security requirements of AMI. In this paper, an intrusion detection system based on Online Sequence Extreme Learning Machine (OS-ELM is established, which is used to detecting the attack in AMI and carrying out the comparative analysis with other algorithms. Simulation results show that, compared with other intrusion detection methods, intrusion detection method based on OS-ELM is more superior in detection speed and accuracy.

Information Technology: DoD FY 2004 Implementation of the Federal Information Security Management Act for Information Technology Training and Awareness

National Research Council Canada - National Science Library

Davis, Sarah; Mitchell, James; Palmer, Kevin A; Riggins, Liyang; Truex, Kathryn; Williams, Zac

2004-01-01

...). Specifically, we evaluated whether all agency employees, including contractors, received IT security training and awareness and whether employees with significant IT security responsibilities...

TWO-LAYER SECURE PREVENTION MECHANISM FOR REDUCING E-COMMERCE SECURITY RISKS

OpenAIRE

Sen-Tarng Lai

2015-01-01

E-commerce is an important information system in the network and digital age. However, the network intrusion, malicious users, virus attack and system security vulnerabilities have continued to threaten the operation of the e-commerce, making e-commerce security encounter serious test. How to improve ecommerce security has become a topic worthy of further exploration. Combining routine security test and security event detection procedures, this paper proposes the Two-Layer Secure ...

An Automata Based Intrusion Detection Method for Internet of Things

Directory of Open Access Journals (Sweden)

Yulong Fu

2017-01-01

Full Text Available Internet of Things (IoT transforms network communication to Machine-to-Machine (M2M basis and provides open access and new services to citizens and companies. It extends the border of Internet and will be developed as one part of the future 5G networks. However, as the resources of IoT’s front devices are constrained, many security mechanisms are hard to be implemented to protect the IoT networks. Intrusion detection system (IDS is an efficient technique that can be used to detect the attackers when cryptography is broken, and it can be used to enforce the security of IoT networks. In this article, we analyzed the intrusion detection requirements of IoT networks and then proposed a uniform intrusion detection method for the vast heterogeneous IoT networks based on an automata model. The proposed method can detect and report the possible IoT attacks with three types: jam-attack, false-attack, and reply-attack automatically. We also design an experiment to verify the proposed IDS method and examine the attack of RADIUS application.

A Comprehensive Review and meta-analysis on Applications of Machine Learning Techniques in Intrusion Detection

Directory of Open Access Journals (Sweden)

Manojit Chattopadhyay

2018-05-01

Full Text Available Securing a machine from various cyber-attacks has been of serious concern for researchers, statutory bodies such as governments, business organizations and users in both wired and wireless media. However, during the last decade, the amount of data handling by any device, particularly servers, has increased exponentially and hence the security of these devices has become a matter of utmost concern. This paper attempts to examine the challenges in the application of machine learning techniques to intrusion detection. We review different inherent issues in defining and applying the machine learning techniques to intrusion detection. We also attempt to identify the best technological solution for changing usage pattern by comparing different machine learning techniques on different datasets and summarizing their performance using various performance metrics. This paper highlights the research challenges and future trends of intrusion detection in dynamic scenarios of intrusion detection problems in diverse network technologies.

Apriori-based network intrusion detection system

International Nuclear Information System (INIS)

Wang Wenjin; Liu Junrong; Liu Baoxu

2012-01-01

With the development of network communication technology, more and more social activities run by Internet. In the meantime, the network information security is getting increasingly serious. Intrusion Detection System (IDS) has greatly improved the general security level of whole network. But there are still many problem exists in current IDS, e.g. high leak rate detection/false alarm rates and feature library need frequently upgrade. This paper presents an association-rule based IDS. This system can detect unknown attack by generate rules from training data. Experiment in last chapter proved the system has great accuracy on unknown attack detection. (authors)

Misuse and intrusion detection at Los Alamos National Laboratory

Energy Technology Data Exchange (ETDEWEB)

Jackson, K.A.; Neuman, M.C.; Simmonds, D.D.; Stallings, C.A.; Thompson, J.L.; Christoph, G.G.

1995-04-01

An effective method for detecting computer misuse is the automatic auditing and analysis of on-line user activity. This activity is reflected in system audit records, in system vulnerability postures, and in other evidence found through active system testing. Since 1989 we have implemented a misuse and intrusion detection system at Los Alamos. This is the Network Anomaly Detection and Intrusion Reporter, or NADIR. NADIR currently audits a Kerberos distributed authentication system, file activity on a mass, storage system, and four Cray supercomputers that run the UNICOS operating system. NADIR summarizes user activity and system configuration in statistical profiles. It compares these profiles to expert rules that define security policy and improper or suspicious behavior. It reports suspicious behavior to security auditors and provides tools to aid in follow-up investigations, As NADIR is constantly evolving, this paper reports its development to date.

An investigation into users' information security awareness on social networks in south western Nigeria

Directory of Open Access Journals (Sweden)

Julius O. Okesola

2016-11-01

Full Text Available Background: Social networks (SNs offer new and exciting opportunities for interaction among people, cutting across different stratum of the society and providing a ubiquitous mechanism that supports a wide variety of activities. They are at the same time being exploited by criminals to fraudulently obtain information from unsuspecting users. Unfortunately, the seamless communication and semblance of safety assumed by most users make them oblivious to the potential online dangers. Objective: Using quantitative methods on selected social sites, this study empirically examined the information security awareness of SN users in south western Nigeria. Method: A self-designed research instrument was administered for data collection while descriptive and inferential statistics were employed using chi-square, cross-tabulation and t-test for data analysis and result interpretation. Result: Findings from the analysed data suggest that the risk perception vary among male and female SN users and that the general perception of risks regarding SN usage is also very low. Conclusion: Adequate security awareness coupled with detailed legal measures are required to keep SNs secured. However, an individual is duly responsible for the habit of ignoring potential risks posed by the networks.

Attacks and Intrusion Detection in Cloud Computing Using Neural Networks and Particle Swarm Optimization Algorithms

Directory of Open Access Journals (Sweden)

Ahmad Shokuh Saljoughi

2018-01-01

Full Text Available Today, cloud computing has become popular among users in organizations and companies. Security and efficiency are the two major issues facing cloud service providers and their customers. Since cloud computing is a virtual pool of resources provided in an open environment (Internet, cloud-based services entail security risks. Detection of intrusions and attacks through unauthorized users is one of the biggest challenges for both cloud service providers and cloud users. In the present study, artificial intelligence techniques, e.g. MLP Neural Network sand particle swarm optimization algorithm, were used to detect intrusion and attacks. The methods were tested for NSL-KDD, KDD-CUP datasets. The results showed improved accuracy in detecting attacks and intrusions by unauthorized users.

Nuclear-power-plant perimeter-intrusion alarm systems

International Nuclear Information System (INIS)

Halsey, D.J.

1982-04-01

Timely intercept of an intruder requires the examination of perimeter barriers and sensors in terms of reliable detection, immediate assessment and prompt response provisions. Perimeter security equipment and operations must at the same time meet the requirements of the Code of Federal Regulations, 10 CFR 73.55 with some attention to the performance and testing figures of Nuclear Regulatory Guide 5.44, Revision 2, May 1980. A baseline system is defined which recommends a general approach to implementing perimeter security elements: barriers, lighting, intrusion detection, alarm assessment. The baseline approach emphasizes cost/effectiveness achieved by detector layering and logic processing of alarm signals to produce reliable alarms and low nuisance alarm rates. A cost benefit of layering along with video assessment is reduction in operating expense. The concept of layering is also shown to minimize testing costs where detectability performance as suggested by Regulatory Guide 5.44 is to be performed. Synthesis of the perimeter intrusion alarm system and limited testing of CCTV and Video Motion Detectors (VMD), were performed at E-Systems, Greenville Division, Greenville, Texas during 1981

Towards Information Security Awareness

OpenAIRE

Marius Petrescu; Delia Mioara Popescu; Nicoleta Sirbu

2010-01-01

Information security has come to be recognized as increasingly important because global communication and information systems allow a potentially large number of unauthorized users to access and possibly alter information from around the world. As the dependence on information systems grows, so the security of information networks becomes ever more critical to any entity, no matter if it is a company or a public institution. Information security involves both technology and people. Any securi...

A Survey on Cross-Layer Intrusion Detection System for Wireless ...

African Journals Online (AJOL)

pc

2018-03-05

Mar 5, 2018 ... excessive packet collision, artificially increases contention, decrease signal .... Intelligent security architecture was conducted by [36], as an intrusion ... the main disadvantages of this scheme is: The IDS node is static (runs ...

The Houston Ship Channel security: a case study

Science.gov (United States)

Le, Han Q.; Bellamy, P. A.; Pei, S. S. S.

2007-04-01

The Houston Ship Channel (HSC) is a 50-mile long shipping channel that contains many private ports including the Port of Houston Authority. It has a uniquely critical role with respect to the US petroleum energy supply. The HSC security is currently planned for significant enhancement under the auspices of the Harris County and the Houston-based Port Strategic Security Council. The ultimate objective is to comprehensively address the HSC threat matrix. This paper describes the technical effort in support of this program. The HSC security is a complex system of systems that includes the physical control access system, the command, control, communication, and information (C4I) system, and the telecom infrastructure. The strategy is to coordinate the improvements of different components to achieve a high-impact net effectiveness. A key element is a planned high-capacity backbone optical network for integrating the C4I of many different HSC administrative-jurisdictional authorities, which will allow unified situational awareness for a more effective cooperation and coordination. Enhancement of surveillance and intrusion protection is crucial. A feasibility study was conducted for the HSC assuming common surveillance technologies including visible/IR camera, radar, and sonar. The method includes survey and theoretical modeling to detect threats of concern in the HSC natural environment. The result indicates that the HSC unique river-like geography offers both advantages and challenges. The narrow channel allows ease of waterside surveillance, but likely incurs high cost for its great length. In addition, landside security is also important owing to its location amidst urban-industrial zone. Lastly, limitation of the various technologies is discussed by considering the broader challenges of the intrusion problem.

Orthodontic intrusion : Conventional and mini-implant assisted intrusion mechanics

Directory of Open Access Journals (Sweden)

Anup Belludi

2012-01-01

intrusion has revolutionized orthodontic anchorage and biomechanics by making anchorage perfectly stable. This article addresses various conventional clinical intrusion mechanics and especially intrusion using mini-implants that have proven effective over the years for intrusion of maxillary anteriors.

Security By Design

OpenAIRE

Tanner, M. James

2009-01-01

Securing a computer from unwanted intrusion requires astute planning and effort to effectively minimize the security invasions computers are plagued with today. While all of the efforts to secure a computer are needed, it seems that the underlying issue of what is being secured has been overlooked. The operating system is at the core of the security issue. Many applications and devices have been put into place to add layers of protection to an already weak operating system. Security did not u...

Evaluation of the awareness and effectiveness of IT security programs in a large publicly funded health care system.

Science.gov (United States)

Hepp, Shelanne L; Tarraf, Rima C; Birney, Arden; Arain, Mubashir Aslam

2017-01-01

Electronic health records are becoming increasingly common in the health care industry. Although information technology (IT) poses many benefits to improving health care and ease of access to information, there are also security and privacy risks. Educating health care providers is necessary to ensure proper use of health information systems and IT and reduce undesirable outcomes. This study evaluated employees' awareness and perceptions of the effectiveness of two IT educational training modules within a large publicly funded health care system in Canada. Semi-structured interviews and focus groups included a variety of professional roles within the organisation. Participants also completed a brief demographic data sheet. With the consent of participants, all interviews and focus groups were audio recorded. Thematic analysis and descriptive statistics were used to evaluate the effectiveness of the IT security training modules. Five main themes emerged: (i) awareness of the IT training modules, (ii) the content of modules, (iii) staff perceptions about differences between IT security and privacy issues, (iv) common breaches of IT security and privacy, and (v) challenges and barriers to completing the training program. Overall, nonclinical staff were more likely to be aware of the training modules than were clinical staff. We found e-learning was a feasible way to educate a large number of employees. However, health care providers required a module on IT security and privacy that was relatable and applicable to their specific roles. Strategies to improve staff education and mitigate against IT security and privacy risks are discussed. Future research should focus on integrating health IT competencies into the educational programs for health care professionals.

Metric-Aware Secure Service Orchestration

Directory of Open Access Journals (Sweden)

Gabriele Costa

2012-12-01

Full Text Available Secure orchestration is an important concern in the internet of service. Next to providing the required functionality the composite services must also provide a reasonable level of security in order to protect sensitive data. Thus, the orchestrator has a need to check whether the complex service is able to satisfy certain properties. Some properties are expressed with metrics for precise definition of requirements. Thus, the problem is to analyse the values of metrics for a complex business process. In this paper we extend our previous work on analysis of secure orchestration with quantifiable properties. We show how to define, verify and enforce quantitative security requirements in one framework with other security properties. The proposed approach should help to select the most suitable service architecture and guarantee fulfilment of the declared security requirements.

Human intrusion

International Nuclear Information System (INIS)

Hora, S.; Neill, R.; Williams, R.; Bauser, M.; Channell, J.

1993-01-01

This paper focused on the possible approaches to evaluating the impacts of human intrusion on nuclear waste disposal. Several major issues were reviewed. First, it was noted that human intrusion could be addressed either quantitatively through performance assessments or qualitatively through design requirements. Second, it was decided that it was impossible to construct a complete set of possible future human intrusion scenarios. Third, the question of when the effect of possible human intrusion should be considered, before or after site selection was reviewed. Finally, the time frame over which human intrusion should be considered was discussed

Creating a two-layered augmented artificial immune system for application to computer network intrusion detection

Science.gov (United States)

Judge, Matthew G.; Lamont, Gary B.

2009-05-01

Computer network security has become a very serious concern of commercial, industrial, and military organizations due to the increasing number of network threats such as outsider intrusions and insider covert activities. An important security element of course is network intrusion detection which is a difficult real world problem that has been addressed through many different solution attempts. Using an artificial immune system has been shown to be one of the most promising results. By enhancing jREMISA, a multi-objective evolutionary algorithm inspired artificial immune system, with a secondary defense layer; we produce improved accuracy of intrusion classification and a flexibility in responsiveness. This responsiveness can be leveraged to provide a much more powerful and accurate system, through the use of increased processing time and dedicated hardware which has the flexibility of being located out of band.

A Labeled Data Set For Flow-based Intrusion Detection

NARCIS (Netherlands)

Sperotto, Anna; Sadre, R.; van Vliet, Frank; Pras, Aiko; Nunzi, Giorgio; Scoglio, Caterina; Li, Xing

2009-01-01

Flow-based intrusion detection has recently become a promising security mechanism in high speed networks (1-10 Gbps). Despite the richness in contributions in this field, benchmarking of flow-based IDS is still an open issue. In this paper, we propose the first publicly available, labeled data set

Combining Host-based and network-based intrusion detection system

African Journals Online (AJOL)

These attacks were simulated using hping. The proposed system is implemented in Java. The results show that the proposed system is able to detect attacks both from within (host-based) and outside sources (network-based). Key Words: Intrusion Detection System (IDS), Host-based, Network-based, Signature, Security log.

Service Oriented Architecture in Network Security - a novel Organisation in Security Systems

OpenAIRE

Hilker, Michael; Schommer, Christoph

2008-01-01

Current network security systems are a collection of various security components, which are directly installed in the operating system. These check the whole node for suspicious behaviour. Armouring intrusions e.g. have the ability to hide themselves from being checked. We present in this paper an alternative organisation of security systems. The node is completely virtualized with current virtualization systems so that the operating system with applications and the security system is disting...

Using discriminant analysis to detect intrusions in external communication for self-driving vehicles

Directory of Open Access Journals (Sweden)

Khattab M.Ali Alheeti

2017-08-01

Full Text Available Security systems are a necessity for the deployment of smart vehicles in our society. Security in vehicular ad hoc networks is crucial to the reliable exchange of information and control data. In this paper, we propose an intelligent Intrusion Detection System (IDS to protect the external communication of self-driving and semi self-driving vehicles. This technology has the ability to detect Denial of Service (DoS and black hole attacks on vehicular ad hoc networks (VANETs. The advantage of the proposed IDS over existing security systems is that it detects attacks before they causes significant damage. The intrusion prediction technique is based on Linear Discriminant Analysis (LDA and Quadratic Discriminant Analysis (QDA which are used to predict attacks based on observed vehicle behavior. We perform simulations using Network Simulator 2 to demonstrate that the IDS achieves a low rate of false alarms and high accuracy in detection.

A subtractive approach to interior intrusion detection system design

International Nuclear Information System (INIS)

Sons, R.J.; Graham, R.H. Jr.

1986-01-01

This paper discusses the subtractive approach to interior intrusion detection system design which assumes that all sensors are viable candidates until they are subjected to the constraints imposed by a particular facility. The constraints are determined by a sequence of questions concerning parameters such as threat definition, facility description and operation, environment, assets to be protected, security system capabilities, and cost. As a result of the questioning, some sensors will be eliminated from the candidate list, and the ''best'' set of sensors for the facility will remain. This form of questioning could be incorporated into an expert system aiding future intrusion detection system designs

Information Security Service Branding – beyond information security awareness

Directory of Open Access Journals (Sweden)

Rahul Rastogi

2012-12-01

Full Text Available End-users play a critical role in the effective implementation and running of an information security program in any organization. The success of such a program depends primarily on the effective implementation and execution of associated information security policies and controls and the resultant behavior and actions of end-users. However, end-users often have negative perception of information security in the organization and exhibit non-compliance. In order to improve compliance levels, it is vital to improve the image of information security in the minds of end-users. This paper borrows the concepts of brands and branding from the domain of marketing to achieve this objective and applies these concepts to information security. The paper also describes a process for creating the information security service brand in the organization.

Framework for Securing Mobile Software Agents

OpenAIRE

Mwakalinga, G Jeffy; Yngström, Louise

2006-01-01

Information systems are growing in size and complexity making it infeasible for human administrators to manage them. The aim of this work is to study ways of securing and using mobile software agents to deter attackers, protect information systems, detect intrusions, automatically respond to the intrusions and attacks, and to produce recovery services to systems after attacks. Current systems provide intrusion detection, prevention, protection, response, and recovery services but most of thes...

Technologies, Methodologies and Challenges in Network Intrusion Detection and Prevention Systems

Directory of Open Access Journals (Sweden)

Nicoleta STANCIU

2013-01-01

Full Text Available This paper presents an overview of the technologies and the methodologies used in Network Intrusion Detection and Prevention Systems (NIDPS. Intrusion Detection and Prevention System (IDPS technologies are differentiated by types of events that IDPSs can recognize, by types of devices that IDPSs monitor and by activity. NIDPSs monitor and analyze the streams of network packets in order to detect security incidents. The main methodology used by NIDPSs is protocol analysis. Protocol analysis requires good knowledge of the theory of the main protocols, their definition, how each protocol works.

Messaging Attacks on Android: Vulnerabilities and Intrusion Detection

Directory of Open Access Journals (Sweden)

Khodor Hamandi

2015-01-01

Full Text Available Currently, Android is the leading mobile operating system in number of users worldwide. On the security side, Android has had significant challenges despite the efforts of the Android designers to provide a secure environment for apps. In this paper, we present numerous attacks targeting the messaging framework of the Android system. Our focus is on SMS, USSD, and the evolution of their associated security in Android and accordingly the development of related attacks. Also, we shed light on the Android elements that are responsible for these attacks. Furthermore, we present the architecture of an intrusion detection system (IDS that promises to thwart SMS messaging attacks. Our IDS shows a detection rate of 87.50% with zero false positives.

Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

NARCIS (Netherlands)

Bolzoni, D.; Etalle, Sandro; Hartel, Pieter H.; Kirda, E.; Jha, S.; Balzarotti, D.

Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

Panacea : Automating attack classification for anomaly-based network intrusion detection systems

NARCIS (Netherlands)

Bolzoni, D.; Etalle, S.; Hartel, P.H.; Kirda, E.; Jha, S.; Balzarotti, D.

2009-01-01

Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attacks, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

Panacea : Automating attack classification for anomaly-based network intrusion detection systems

NARCIS (Netherlands)

Bolzoni, D.; Etalle, S.; Hartel, P.H.

2009-01-01

Anomaly-based intrusion detection systems are usually criticized because they lack a classification of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

Panacea: Automating Attack Classification for Anomaly-based Network Intrusion Detection Systems

NARCIS (Netherlands)

Bolzoni, D.; Etalle, Sandro; Hartel, Pieter H.

2009-01-01

Anomaly-based intrusion detection systems are usually criticized because they lack a classication of attack, thus security teams have to manually inspect any raised alert to classify it. We present a new approach, Panacea, to automatically and systematically classify attacks detected by an

CWSP Certified Wireless Security Professional Official Study Guide, Exam PW0-204

CERN Document Server

Coleman, David D; Harkins, Bryan E

2010-01-01

Sybex is now the official publisher for Certified Wireless Network Professional, the certifying vendor for the CWSP program. This guide covers all exam objectives, including WLAN discovery techniques, intrusion and attack techniques, 802.11 protocol analysis. Wireless intrusion-prevention systems implementation, layer 2 and 3 VPNs used over 802.11 networks, and managed endpoint security systems. It also covers enterprise/SMB/SOHO/Public-Network Security design models and security solution implementation, building robust security networks, wireless LAN management systems, and much more.

The cyber security threat stops in the boardroom.

Science.gov (United States)

Scully, Tim

The attitude that 'it won't happen to me' still prevails in the boardrooms of industry when senior executives consider the threat of targeted cyber intrusions. Not much has changed in the commercial world of cyber security over the past few years; hackers are not being challenged to find new ways to steal companies' intellectual property and confidential information. The consequences of even major security breaches seem not to be felt by the leaders of victim companies. Why is this so? Surely IT security practitioners are seeking new ways to detect and prevent targeted intrusions into companies' networks? Are the consequences of targeted intrusions so insignificant that the captains of industry tolerate them? Or do only others feel the pain of their failure? This paper initially explores the failure of cyber security in industry and contends that, while industry leaders should not be alone in accepting responsibility for this failure, they must take the initiative to make life harder for cyber threat actors. They cannot wait for government leadership on policy, strategy or coordination. The paper then suggests some measures that a CEO can adopt to build a new corporate approach to cyber security.

Acoustic emission intrusion detector

International Nuclear Information System (INIS)

Carver, D.W.; Whittaker, J.W.

1980-01-01

An intrusion detector is provided for detecting a forcible entry into a secured structure while minimizing false alarms. The detector uses a piezoelectric crystal transducer to sense acoustic emissions. The transducer output is amplified by a selectable gain amplifier to control the sensitivity. The rectified output of the amplifier is applied to a Schmitt trigger circuit having a preselected threshold level to provide amplitude discrimination. Timing circuitry is provided which is activated by successive pulses from the Schmitt trigger which lie within a selected time frame for frequency discrimination. Detected signals having proper amplitude and frequency trigger an alarm within the first complete cycle time of a detected acoustical disturbance signal

Security for multihop wireless networks

CERN Document Server

Khan, Shafiullah

2014-01-01

Security for Multihop Wireless Networks provides broad coverage of the security issues facing multihop wireless networks. Presenting the work of a different group of expert contributors in each chapter, it explores security in mobile ad hoc networks, wireless sensor networks, wireless mesh networks, and personal area networks.Detailing technologies and processes that can help you secure your wireless networks, the book covers cryptographic coprocessors, encryption, authentication, key management, attacks and countermeasures, secure routing, secure medium access control, intrusion detection, ep

Junos Security

CERN Document Server

Cameron, Rob; Giecco, Patricio; Eberhard, Timothy; Quinn, James

2010-01-01

Junos® Security is the complete and authorized introduction to the new Juniper Networks SRX hardware series. This book not only provides a practical, hands-on field guide to deploying, configuring, and operating SRX, it also serves as a reference to help you prepare for any of the Junos Security Certification examinations offered by Juniper Networks. Network administrators and security professionals will learn how to use SRX Junos services gateways to address an array of enterprise data network requirements -- including IP routing, intrusion detection, attack mitigation, unified threat manag

Multi-User Low Intrusive Occupancy Detection.

Science.gov (United States)

Pratama, Azkario Rizky; Widyawan, Widyawan; Lazovik, Alexander; Aiello, Marco

2018-03-06

Smart spaces are those that are aware of their state and can act accordingly. Among the central elements of such a state is the presence of humans and their number. For a smart office building, such information can be used for saving energy and safety purposes. While acquiring presence information is crucial, using sensing techniques that are highly intrusive, such as cameras, is often not acceptable for the building occupants. In this paper, we illustrate a proposal for occupancy detection which is low intrusive; it is based on equipment typically available in modern offices such as room-level power-metering and an app running on workers' mobile phones. For power metering, we collect the aggregated power consumption and disaggregate the load of each device. For the mobile phone, we use the Received Signal Strength (RSS) of BLE (Bluetooth Low Energy) nodes deployed around workspaces to localize the phone in a room. We test the system in our offices. The experiments show that sensor fusion of the two sensing modalities gives 87-90% accuracy, demonstrating the effectiveness of the proposed approach.

Multi-User Low Intrusive Occupancy Detection

Science.gov (United States)

Widyawan, Widyawan; Lazovik, Alexander

2018-01-01

Smart spaces are those that are aware of their state and can act accordingly. Among the central elements of such a state is the presence of humans and their number. For a smart office building, such information can be used for saving energy and safety purposes. While acquiring presence information is crucial, using sensing techniques that are highly intrusive, such as cameras, is often not acceptable for the building occupants. In this paper, we illustrate a proposal for occupancy detection which is low intrusive; it is based on equipment typically available in modern offices such as room-level power-metering and an app running on workers’ mobile phones. For power metering, we collect the aggregated power consumption and disaggregate the load of each device. For the mobile phone, we use the Received Signal Strength (RSS) of BLE (Bluetooth Low Energy) nodes deployed around workspaces to localize the phone in a room. We test the system in our offices. The experiments show that sensor fusion of the two sensing modalities gives 87–90% accuracy, demonstrating the effectiveness of the proposed approach. PMID:29509693

Hybrid Intrusion Forecasting Framework for Early Warning System

Science.gov (United States)

Kim, Sehun; Shin, Seong-Jun; Kim, Hyunwoo; Kwon, Ki Hoon; Han, Younggoo

Recently, cyber attacks have become a serious hindrance to the stability of Internet. These attacks exploit interconnectivity of networks, propagate in an instant, and have become more sophisticated and evolutionary. Traditional Internet security systems such as firewalls, IDS and IPS are limited in terms of detecting recent cyber attacks in advance as these systems respond to Internet attacks only after the attacks inflict serious damage. In this paper, we propose a hybrid intrusion forecasting system framework for an early warning system. The proposed system utilizes three types of forecasting methods: time-series analysis, probabilistic modeling, and data mining method. By combining these methods, it is possible to take advantage of the forecasting technique of each while overcoming their drawbacks. Experimental results show that the hybrid intrusion forecasting method outperforms each of three forecasting methods.

Information security management handbook

CERN Document Server

2002-01-01

The Information Security Management Handbook continues its tradition of consistently communicating the fundamental concepts of security needed to be a true CISSP. In response to new developments, Volume 4 supplements the previous volumes with new information covering topics such as wireless, HIPAA, the latest hacker attacks and defenses, intrusion detection, and provides expanded coverage on security management issues and applications security. Even those that don't plan on sitting for the CISSP exam will find that this handbook is a great information security reference.The changes in the tech

INTERNET SECURITY – TECHNOLOGY AND SOCIAL AWARENESS OF THE DANGERS

Directory of Open Access Journals (Sweden)

Laskowski Piotr Paweł

2017-06-01

Full Text Available The article describes selected issues related to user safety on the Internet. This safety consists of a number of factors such as the technology that we use to communicate and to browse the Internet, and habits and behaviors that we have acquired and through which we can identify at least some typical hazards encountered on the Web. Knowledge of software and the ability to use it and to configure it properly as well as checking regularly for security updates reduces the risk of data loss or identity theft. Public awareness of threats continues to grow, but there are also new, previously unknown threats; that is why it is so important to inform of the dangers by all available channels of communication.

Secure Communication using Identity Based Encryption

NARCIS (Netherlands)

Roschke, Sebastian; Ibraimi, L.; Cheng, Feng; Meinel, Christoph

2010-01-01

Secured communication has been widely deployed to guarantee confidentiality and integrity of connections over untrusted networks, e.g., the Internet. Although secure connections are designed to prevent attacks on the connection, they hide attacks inside the channel from being analyzed by Intrusion

Passive Barriers to Inadvertent Human Intrusion for Use at the Nevada Test Site

International Nuclear Information System (INIS)

NSTec Environmental Management

2007-01-01

In July1996, BN transmitted Passive Barriers to Inadvertent Human Intrusion for Use at the Nevada Test Site to the United States Department of Energy, under Contract DE-AC08-91NV10833. The 1996 paper had a limited distribution and was not reviewed for public release. In 2007, National Security Technologies LLC (NSTec) made minor revisions to conform to current editorial standards of the NNSA/NSO and to meet current security requirements for public release. The primary purpose of this study was to identify types of engineered passive barriers that could deter future intrusion into buried low-level radioactive waste, particularly intrusion by drilling water wells. The study considered drilling technology, many natural and man-made materials, and both underground and above-ground barriers. Based on cost and effectiveness, the report recommended underground barriers consisting of a layer of rubble or tires. An aboveground barrier mound might also prove effective, but would cost more, and may become an attractive nuisance (e.g., might, after their purpose has been forgotten, encourage exploration for the sake of satisfying curiosity). Advances in drilling technology could render any engineered barriers ineffective if there is motivation to penetrate the barriers

Effective approach toward Intrusion Detection System using data mining techniques

Directory of Open Access Journals (Sweden)

G.V. Nadiammai

2014-03-01

Full Text Available With the tremendous growth of the usage of computers over network and development in application running on various platform captures the attention toward network security. This paradigm exploits security vulnerabilities on all computer systems that are technically difficult and expensive to solve. Hence intrusion is used as a key to compromise the integrity, availability and confidentiality of a computer resource. The Intrusion Detection System (IDS plays a vital role in detecting anomalies and attacks in the network. In this work, data mining concept is integrated with an IDS to identify the relevant, hidden data of interest for the user effectively and with less execution time. Four issues such as Classification of Data, High Level of Human Interaction, Lack of Labeled Data, and Effectiveness of Distributed Denial of Service Attack are being solved using the proposed algorithms like EDADT algorithm, Hybrid IDS model, Semi-Supervised Approach and Varying HOPERAA Algorithm respectively. Our proposed algorithm has been tested using KDD Cup dataset. All the proposed algorithm shows better accuracy and reduced false alarm rate when compared with existing algorithms.

Cloud Computing Security

OpenAIRE

Ngongang, Guy

2011-01-01

This project aimed to show how possible it is to use a network intrusion detection system in the cloud. The security in the cloud is a concern nowadays and security professionals are still finding means to make cloud computing more secure. First of all the installation of the ESX4.0, vCenter Server and vCenter lab manager in server hardware was successful in building the platform. This allowed the creation and deployment of many virtual servers. Those servers have operating systems and a...

Data mining approach to web application intrusions detection

Science.gov (United States)

Kalicki, Arkadiusz

2011-10-01

Web applications became most popular medium in the Internet. Popularity, easiness of web application script languages and frameworks together with careless development results in high number of web application vulnerabilities and high number of attacks performed. There are several types of attacks possible because of improper input validation: SQL injection Cross-site scripting, Cross-Site Request Forgery (CSRF), web spam in blogs and others. In order to secure web applications intrusion detection (IDS) and intrusion prevention systems (IPS) are being used. Intrusion detection systems are divided in two groups: misuse detection (traditional IDS) and anomaly detection. This paper presents data mining based algorithm for anomaly detection. The principle of this method is the comparison of the incoming HTTP traffic with a previously built profile that contains a representation of the "normal" or expected web application usage sequence patterns. The frequent sequence patterns are found with GSP algorithm. Previously presented detection method was rewritten and improved. Some tests show that the software catches malicious requests, especially long attack sequences, results quite good with medium length sequences, for short length sequences must be complemented with other methods.

AdaBoost-based algorithm for network intrusion detection.

Science.gov (United States)

Hu, Weiming; Hu, Wei; Maybank, Steve

2008-04-01

Network intrusion detection aims at distinguishing the attacks on the Internet from normal use of the Internet. It is an indispensable part of the information security system. Due to the variety of network behaviors and the rapid development of attack fashions, it is necessary to develop fast machine-learning-based intrusion detection algorithms with high detection rates and low false-alarm rates. In this correspondence, we propose an intrusion detection algorithm based on the AdaBoost algorithm. In the algorithm, decision stumps are used as weak classifiers. The decision rules are provided for both categorical and continuous features. By combining the weak classifiers for continuous features and the weak classifiers for categorical features into a strong classifier, the relations between these two different types of features are handled naturally, without any forced conversions between continuous and categorical features. Adaptable initial weights and a simple strategy for avoiding overfitting are adopted to improve the performance of the algorithm. Experimental results show that our algorithm has low computational complexity and error rates, as compared with algorithms of higher computational complexity, as tested on the benchmark sample data.

SEADE: Countering the Futility of Network Security

Science.gov (United States)

2015-10-01

guards, and computer cages) and logical security measures (network firewall and intrusion detection). However, no matter how many layers of network...security built-in and with minimal security dependence on network security appliances (e.g., firewalls ). As Secretary of Defense Ashton Carter...based analysis that assumes nothing bad will happen to applications/data if those defenses prevent malware transactions at the entrance. The

Towards an integrated defense system for cyber security situation awareness experiment

Science.gov (United States)

Zhang, Hanlin; Wei, Sixiao; Ge, Linqiang; Shen, Dan; Yu, Wei; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe

2015-05-01

In this paper, an implemented defense system is demonstrated to carry out cyber security situation awareness. The developed system consists of distributed passive and active network sensors designed to effectively capture suspicious information associated with cyber threats, effective detection schemes to accurately distinguish attacks, and network actors to rapidly mitigate attacks. Based on the collected data from network sensors, image-based and signals-based detection schemes are implemented to detect attacks. To further mitigate attacks, deployed dynamic firewalls on hosts dynamically update detection information reported from the detection schemes and block attacks. The experimental results show the effectiveness of the proposed system. A future plan to design an effective defense system is also discussed based on system theory.

Multilayer Statistical Intrusion Detection in Wireless Networks

Science.gov (United States)

Hamdi, Mohamed; Meddeb-Makhlouf, Amel; Boudriga, Noureddine

2008-12-01

The rapid proliferation of mobile applications and services has introduced new vulnerabilities that do not exist in fixed wired networks. Traditional security mechanisms, such as access control and encryption, turn out to be inefficient in modern wireless networks. Given the shortcomings of the protection mechanisms, an important research focuses in intrusion detection systems (IDSs). This paper proposes a multilayer statistical intrusion detection framework for wireless networks. The architecture is adequate to wireless networks because the underlying detection models rely on radio parameters and traffic models. Accurate correlation between radio and traffic anomalies allows enhancing the efficiency of the IDS. A radio signal fingerprinting technique based on the maximal overlap discrete wavelet transform (MODWT) is developed. Moreover, a geometric clustering algorithm is presented. Depending on the characteristics of the fingerprinting technique, the clustering algorithm permits to control the false positive and false negative rates. Finally, simulation experiments have been carried out to validate the proposed IDS.

The Shaping of Managers' Security Objectives through Information Security Awareness Training

Science.gov (United States)

Harris, Mark A.

2010-01-01

Information security research states that corporate security policy and information security training should be socio-technical in nature and that corporations should consider training as a primary method of protecting their information systems. However, information security policies and training are predominately technical in nature. In addition,…

Multi-User Low Intrusive Occupancy Detection

Directory of Open Access Journals (Sweden)

Azkario Rizky Pratama

2018-03-01

Full Text Available Smart spaces are those that are aware of their state and can act accordingly. Among the central elements of such a state is the presence of humans and their number. For a smart office building, such information can be used for saving energy and safety purposes. While acquiring presence information is crucial, using sensing techniques that are highly intrusive, such as cameras, is often not acceptable for the building occupants. In this paper, we illustrate a proposal for occupancy detection which is low intrusive; it is based on equipment typically available in modern offices such as room-level power-metering and an app running on workers’ mobile phones. For power metering, we collect the aggregated power consumption and disaggregate the load of each device. For the mobile phone, we use the Received Signal Strength (RSS of BLE (Bluetooth Low Energy nodes deployed around workspaces to localize the phone in a room. We test the system in our offices. The experiments show that sensor fusion of the two sensing modalities gives 87–90% accuracy, demonstrating the effectiveness of the proposed approach.

The fierce urgency of now: a proactive, pervasive content awareness tool

Energy Technology Data Exchange (ETDEWEB)

Powell, James E [Los Alamos National Laboratory; Collins, Linn M [Los Alamos National Laboratory; Martinez, Mark L B [Los Alamos National Laboratory

2009-01-01

Information awareness is distinct from explicit infonnation seeking, such as searching. We describe an information awareness tool that supports text composition by providing awareness of relevant content and references proactively and non-intrusively. As a user composes text, the tool automatically searches mUltiple sources, retrieves results, and displays links to the results. The tool has been implemented using Web 2.0 and Digital Library 2.0 technologies, and is flexible and highly configurable.

Building an intelligence-led security program

CERN Document Server

Liska, Allan

2014-01-01

As recently as five years ago, securing a network meant putting in a firewall, intrusion detection system, and installing antivirus software on the desktop. Unfortunately, attackers have grown more nimble and effective, meaning that traditional security programs are no longer effective. Today's effective cyber security programs take these best practices and overlay them with intelligence. Adding cyber threat intelligence can help security teams uncover events not detected by traditional security platforms and correlate seemingly disparate events across the network. Properly-implemented inte

The security system analyzer: An application of the Prolog language

International Nuclear Information System (INIS)

Zimmerman, B.D.; Seeman, S.E.

1986-01-01

The Prolog programming language and entity-relationship modeling techniques were used to demonstrate a methodology for security system applications. A knowledge base was built that consists of statements modeling a generic building and surrounding area, including security fences and intrusion detectors (sensors and TV cameras). Declarative Prolog statements have the capability to use the knowledge base information in a routine manner to provide descriptive information about sensors, to dynamically update the knowledge base to provide on-line recording of changes in detector status or maintenance history, and to analyze the configuration of the building, surrounding area, and intrusion detector layout and current operability status in order to determine all the pathways from one specified point to another specified point which result in the detection probability being less than some specified value (i.e., find the ''weakest paths''). This ''search'' capability, which is the heart of the SECURITY program, allows the program to perform a CAD (computer aided design) function, and to provide a real-time security degradation analysis if intrusion detectors become inoperable. 2 refs., 3 figs

Industrial Control System Process-Oriented Intrusion Detection (iPoid) Algorithm

Science.gov (United States)

2016-08-01

SUBJECT TERMS supervisory control and data acquisition (SCADA), Modbus, industrial control system, intrusion detection system 16. SECURITY...List of Tables iv Acknowledgments v 1. Background 1 2. iPoid Modbus Packet-Inspection Capability 2 2.1 Software Requirements 2 2.2 Startup ...Mr Curtis Arnold’s support of Industrial Control Systems–Supervisory Control and Data Acquisition research at the US Army Research Laboratory

Use of Persuasive Technology to Change End-Users- IT Security Aware Behaviour: A Pilot Study

OpenAIRE

Ai Cheo Yeo; Md. Mahbubur Rahim; Yin Ying Ren

2008-01-01

Persuasive technology has been applied in marketing, health, environmental conservation, safety and other domains and is found to be quite effective in changing people-s attitude and behaviours. This research extends the application domains of persuasive technology to information security awareness and uses a theory-driven approach to evaluate the effectiveness of a web-based program developed based on the principles of persuasive technology to improve the information sec...

Intrusive and Non-Intrusive Load Monitoring (A Survey

Directory of Open Access Journals (Sweden)

Marco Danilo Burbano Acuña

2015-05-01

Full Text Available There is not discussion about the need of energyconservation, it is well known that energy resources are limitedmoreover the global energy demands will double by the end of2030, which certainly will bring implications on theenvironment and hence to all of us.Non-Intrusive load monitoring (NILM is the process ofrecognize electrical devices and its energy consumption basedon whole home electric signals, where this aggregated load datais acquired from a single point of measurement outside thehousehold. The aim of this approach is to get optimal energyconsumption and avoid energy wastage. Intrusive loadmonitoring (ILM is the process of identify and locate singledevices through the use of sensing systems to support control,monitor and intervention of such devices. The aim of thisapproach is to offer a base for the development of importantapplications for remote and automatic intervention of energyconsumption inside buildings and homes as well. For generalpurposes this paper states a general framework of NILM andILM approaches.Appliance discerns can be tackled using approaches fromdata mining and machine learning, finding out the techniquesthat fit the best this requirements, is a key factor for achievingfeasible and suitable appliance load monitoring solutions. Thispaper presents common and interesting methods used.Privacy concerns have been one of the bigger obstacles forimplementing a widespread adoption of these solutions; despitethis fact, developed countries like those inside the EU and theUK have established a deadline for the implementation ofsmart meters in the whole country, whereas USA governmentstill struggles with the acceptance of this solution by itscitizens.The implementation of security over these approachesalong with fine-grained energy monitoring would lead to abetter public agreement of these solutions and hence a fasteradoption of such approaches. This paper reveals a lack ofsecurity over these approaches with a real scenario.

On detection and visualization techniques for cyber security situation awareness

Science.gov (United States)

Yu, Wei; Wei, Shixiao; Shen, Dan; Blowers, Misty; Blasch, Erik P.; Pham, Khanh D.; Chen, Genshe; Zhang, Hanlin; Lu, Chao

2013-05-01

Networking technologies are exponentially increasing to meet worldwide communication requirements. The rapid growth of network technologies and perversity of communications pose serious security issues. In this paper, we aim to developing an integrated network defense system with situation awareness capabilities to present the useful information for human analysts. In particular, we implement a prototypical system that includes both the distributed passive and active network sensors and traffic visualization features, such as 1D, 2D and 3D based network traffic displays. To effectively detect attacks, we also implement algorithms to transform real-world data of IP addresses into images and study the pattern of attacks and use both the discrete wavelet transform (DWT) based scheme and the statistical based scheme to detect attacks. Through an extensive simulation study, our data validate the effectiveness of our implemented defense system.

Human intrusion: New ideas?

International Nuclear Information System (INIS)

Cooper, J.R.

2002-01-01

Inadvertent human intrusion has been an issue for the disposal of solid radioactive waste for many years. This paper discusses proposals for an approach for evaluating the radiological significance of human intrusion as put forward by ICRP with contribution from work at IAEA. The approach focuses on the consequences of the intrusion. Protective actions could, however, include steps to reduce the probability of human intrusion as well as the consequences. (author)

Unconventional applications of conventional intrusion detection sensors

International Nuclear Information System (INIS)

Williams, J.D.; Matter, J.C.

1983-01-01

A number of conventional intrusion detection sensors exists for the detection of persons entering buildings, moving within a given volume, and crossing a perimeter isolation zone. Unconventional applications of some of these sensors have recently been investigated. Some of the applications which are discussed include detection on the edges and tops of buildings, detection in storm sewers, detection on steam and other types of large pipes, and detection of unauthorized movement within secure enclosures. The enclosures can be used around complicated control valves, electrical control panels, emergency generators, etc

Security engineering: systems engineering of security through the adaptation and application of risk management

Science.gov (United States)

Gilliam, David P.; Feather, Martin S.

2004-01-01

Information Technology (IT) Security Risk Management is a critical task in the organization, which must protect its resources and data against the loss of confidentiality, integrity, and availability. As systems become more complex and diverse, and more vulnerabilities are discovered while attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security. This paper describes an approach to address IT security risk through risk management and mitigation in both the institution and in the project life cycle.

The security analyzer: A security analyzer program written in Prolog

International Nuclear Information System (INIS)

Zimmerman, B.D.; Densley, P.J.

1986-09-01

The Security Analyzer is a software tool capable of analyzing the effectiveness of a facility's security system. It is written in the Prolog logic programming computer language, using entity-relationship data modeling techniques. The program performs the following functions: (1) provides descriptive, locational and operational status information about intrusion detectors and assessment devices (i.e., ''sensors'' and ''cameras'') upon request; (2) provides for storage and retrieval of maintenance history information for various components of the security system (including intrusion detectors), and allows for changing that information as desired; (3) provides a ''search'' mode, wherein all paths are found from any specified physical location to another specified location which satisfy user chosen ''intruder detection'' probability and elapsed time criteria (i.e., the program finds the ''weakest paths'' from a security point of view). The first two of these functions can be provided fairly easily with a conventional database program; the third function could be provided using Fortran or some similar language, though with substantial difficulty. In the Security Analyzer program, all these functions are provided in a simple and straight-forward manner. This simplicity is possible because the program is written in the symbolic (as opposed to numeric) processing language Prolog, and because the knowledge base is structured according to entity-relationship modeling principles. Also, the use of Prolog and the entity-relationship modeling technique allows the capabilities of the Security analyzer program, both for knowledge base interrogation and for searching-type operations, to be easily expanded in ways that would be very difficult for a numeric and more algorithmically deterministic language such as Fortran to duplicate. 4 refs

Optimizing a physical security configuration using a highly detailed simulation model

NARCIS (Netherlands)

Marechal, T.M.A.; Smith, A.E.; Ustun, V.; Smith, J.S.; Lefeber, A.A.J.; Badiru, A.B.; Thomas, M.U.

2009-01-01

This research is focused on using a highly detailed simulation model to create a physical security system to prevent intrusions in a building. Security consists of guards and security cameras. The problem is represented as a binary optimization problem. A new heuristic is proposed to do the security

Managing information technology security risk

Science.gov (United States)

Gilliam, David

2003-01-01

Information Technology (IT) Security Risk Management is a critical task for the organization to protect against the loss of confidentiality, integrity and availability of IT resources. As systems bgecome more complex and diverse and and attacks from intrusions and malicious content increase, it is becoming increasingly difficult to manage IT security risk. This paper describes a two-pronged approach in addressing IT security risk and risk management in the organization: 1) an institutional enterprise appraoch, and 2) a project life cycle approach.

USBcat - Towards an Intrusion Surveillance Toolset

Directory of Open Access Journals (Sweden)

Chris Chapman

2014-10-01

Full Text Available This paper identifies an intrusion surveillance framework which provides an analyst with the ability to investigate and monitor cyber-attacks in a covert manner. Where cyber-attacks are perpetrated for the purposes of espionage the ability to understand an adversary's techniques and objectives are an important element in network and computer security. With the appropriate toolset, security investigators would be permitted to perform both live and stealthy counter-intelligence operations by observing the behaviour and communications of the intruder. Subsequently a more complete picture of the attacker's identity, objectives, capabilities, and infiltration could be formulated than is possible with present technologies. This research focused on developing an extensible framework to permit the covert investigation of malware. Additionally, a Universal Serial Bus (USB Mass Storage Device (MSD based covert channel was designed to enable remote command and control of the framework. The work was validated through the design, implementation and testing of a toolset.

Exploring Effects of Organizational Culture upon Implementation of Information Security Awareness and Training Programs within the Defense Industry Located in the Tennessee Valley Region

Science.gov (United States)

Grant, Robert Luther

2017-01-01

Data breaches due to social engineering attacks and employee negligence are on the rise. The only known defense against social engineering attacks and employee negligence is information security awareness and training. However, implementation of awareness and training programs within organizations are lagging in priority. This research used the…

A Distributed Energy-Aware Trust Management System for Secure Routing in Wireless Sensor Networks

Science.gov (United States)

Stelios, Yannis; Papayanoulas, Nikos; Trakadas, Panagiotis; Maniatis, Sotiris; Leligou, Helen C.; Zahariadis, Theodore

Wireless sensor networks are inherently vulnerable to security attacks, due to their wireless operation. The situation is further aggravated because they operate in an infrastructure-less environment, which mandates the cooperation among nodes for all networking tasks, including routing, i.e. all nodes act as “routers”, forwarding the packets generated by their neighbours in their way to the sink node. This implies that malicious nodes (denying their cooperation) can significantly affect the network operation. Trust management schemes provide a powerful tool for the detection of unexpected node behaviours (either faulty or malicious). Once misbehaving nodes are detected, their neighbours can use this information to avoid cooperating with them either for data forwarding, data aggregation or any other cooperative function. We propose a secure routing solution based on a novel distributed trust management system, which allows for fast detection of a wide set of attacks and also incorporates energy awareness.

Petroleum Vapor Intrusion

Science.gov (United States)

One type of vapor intrusion is PVI, in which vapors from petroleum hydrocarbons such as gasoline, diesel, or jet fuel enter a building. Intrusion of contaminant vapors into indoor spaces is of concern.

Prototype of Intrusion Detection Model using UML 5.0 and Forward Engineering

Directory of Open Access Journals (Sweden)

Muthaiyan MADIAJAGAN,

2011-01-01

Full Text Available In this paper we are using UML (Unified Modeling Language which is the blueprint language between the programmers, analysts, and designer’s for easy representation of pictures or diagrammatic notation with some textual data. Here we are using UML 5.0 to show “prototype of the Intrusion Detection Model” and by explaining it by combining various parts by drawing various UML diagrams such as Use cases and Activity diagrams and Class Diagram using which we show forward engineering using the class diagram of the IDM( Intrusion Detection Model. IDM is a device or software that works on detecting malicious activities by unauthorized users that can cause breach to the security policy within a network.

A Hybrid Swarm Intelligence Algorithm for Intrusion Detection Using Significant Features

Directory of Open Access Journals (Sweden)

P. Amudha

2015-01-01

Full Text Available Intrusion detection has become a main part of network security due to the huge number of attacks which affects the computers. This is due to the extensive growth of internet connectivity and accessibility to information systems worldwide. To deal with this problem, in this paper a hybrid algorithm is proposed to integrate Modified Artificial Bee Colony (MABC with Enhanced Particle Swarm Optimization (EPSO to predict the intrusion detection problem. The algorithms are combined together to find out better optimization results and the classification accuracies are obtained by 10-fold cross-validation method. The purpose of this paper is to select the most relevant features that can represent the pattern of the network traffic and test its effect on the success of the proposed hybrid classification algorithm. To investigate the performance of the proposed method, intrusion detection KDDCup’99 benchmark dataset from the UCI Machine Learning repository is used. The performance of the proposed method is compared with the other machine learning algorithms and found to be significantly different.

Secure Border Gateway Protocol and the External Routing Intrusion Detection System

National Research Council Canada - National Science Library

Kent, Stephen

2000-01-01

.... The Secure BGP projects designed a secure, scalable, deployable architecture (S-BGP) for an authorization and authentication system that addresses most of the security problems associated with BGP...

What is Security? A perspective on achieving security

Energy Technology Data Exchange (ETDEWEB)

Atencio, Julian J.

2014-05-05

This presentation provides a perspective on achieving security in an organization. It touches upon security as a mindset, ability to adhere to rules, cultivating awareness of the reason for a security mindset, the quality of a security program, willingness to admit fault or acknowledge failure, peer review in security, science as a model that can be applied to the security profession, the security vision, security partnering, staleness in the security program, security responsibilities, and achievement of success over time despite the impossibility of perfection.

Techniques Used in String Matching for Network Security

OpenAIRE

Jamuna Bhandari

2014-01-01

String matching also known as pattern matching is one of primary concept for network security. In this area the effectiveness and efficiency of string matching algorithms is important for applications in network security such as network intrusion detection, virus detection, signature matching and web content filtering system. This paper presents brief review on some of string matching techniques used for network security.

The Effectiveness of Information Technology Simulation and Security Awareness Training on U.S Military Personnel in Iraq and Afghanistan

Science.gov (United States)

Armstead, Stanley K.

2017-01-01

In today's dynamic military environment, information technology plays a crucial role in the support of mission preparedness and operational readiness. This research examined the effectiveness of information technology security simulation and awareness training on U.S. military personnel in Iraq and Afghanistan. Also, the study analyzed whether…

Constructible Assessment for Situation Awareness in a Distributed C2 Environment

National Research Council Canada - National Science Library

Seet, Alfred W; Teh, Cheryl A; Soo, John K; Teo, Leonghwee

2004-01-01

.... This method is an adaptation of the Situation Awareness Global Assessment Technique (SAGAT) by M. R. Endsley (1995) that takes into account specific constraints for use in a field exercise, such as minimizing the level of intrusiveness...

Security Bingo

CERN Multimedia

Computer Security Team

2011-01-01

Want to check your security awareness and win one of three marvellous books on computer security? Just print out this page, mark which of the 25 good practices below you already follow, and send the sheet back to us by 31 October 2011 at either Computer.Security@cern.ch or P.O. Box G19710.   Winners[1] must show that they fulfil at least five good practices in a continuous vertical, horizontal or diagonal row. For details on CERN Computer Security, please consult http://cern.ch/security. I personally…   …am concerned about computer security. …run my computer with an anti-virus software and up-to-date signature files. …lock my computer screen whenever I leave my office. …have chosen a reasonably complex password. …have restricted access to all my files and data. …am aware of the security risks and threats to CERN’s computing facilities. &hell...

Proactive approach to Corporate Security

CSIR Research Space (South Africa)

Grobler, MM

2010-05-01

Full Text Available The best Information Security infrastructure cannot guarantee that intrusions or other malicious acts will not happen. It is necessary to know the facts and prepare beforehand knowing cyber threats and trends; knowing the broadband impact...

Improving SCADA security of a local process with a power grid model

NARCIS (Netherlands)

Chromik, Justyna Joanna; Remke, Anne Katharina Ingrid; Haverkort, Boudewijn R.H.M.

Security of networks controlling smart grids is an important subject. The shift of the power grid towards a smart grid results in more distributed control functions, while intrusion detection of the control network mostly remains centrally based. Moreover, existing local (host-based) intrusion

Active Low Intrusion Hybrid Monitor for Wireless Sensor Networks.

Science.gov (United States)

Navia, Marlon; Campelo, Jose C; Bonastre, Alberto; Ors, Rafael; Capella, Juan V; Serrano, Juan J

2015-09-18

Several systems have been proposed to monitor wireless sensor networks (WSN). These systems may be active (causing a high degree of intrusion) or passive (low observability inside the nodes). This paper presents the implementation of an active hybrid (hardware and software) monitor with low intrusion. It is based on the addition to the sensor node of a monitor node (hardware part) which, through a standard interface, is able to receive the monitoring information sent by a piece of software executed in the sensor node. The intrusion on time, code, and energy caused in the sensor nodes by the monitor is evaluated as a function of data size and the interface used. Then different interfaces, commonly available in sensor nodes, are evaluated: serial transmission (USART), serial peripheral interface (SPI), and parallel. The proposed hybrid monitor provides highly detailed information, barely disturbed by the measurement tool (interference), about the behavior of the WSN that may be used to evaluate many properties such as performance, dependability, security, etc. Monitor nodes are self-powered and may be removed after the monitoring campaign to be reused in other campaigns and/or WSNs. No other hardware-independent monitoring platforms with such low interference have been found in the literature.

FSM-F: Finite State Machine Based Framework for Denial of Service and Intrusion Detection in MANET.

Science.gov (United States)

N Ahmed, Malik; Abdullah, Abdul Hanan; Kaiwartya, Omprakash

2016-01-01

Due to the continuous advancements in wireless communication in terms of quality of communication and affordability of the technology, the application area of Mobile Adhoc Networks (MANETs) significantly growing particularly in military and disaster management. Considering the sensitivity of the application areas, security in terms of detection of Denial of Service (DoS) and intrusion has become prime concern in research and development in the area. The security systems suggested in the past has state recognition problem where the system is not able to accurately identify the actual state of the network nodes due to the absence of clear definition of states of the nodes. In this context, this paper proposes a framework based on Finite State Machine (FSM) for denial of service and intrusion detection in MANETs. In particular, an Interruption Detection system for Adhoc On-demand Distance Vector (ID-AODV) protocol is presented based on finite state machine. The packet dropping and sequence number attacks are closely investigated and detection systems for both types of attacks are designed. The major functional modules of ID-AODV includes network monitoring system, finite state machine and attack detection model. Simulations are carried out in network simulator NS-2 to evaluate the performance of the proposed framework. A comparative evaluation of the performance is also performed with the state-of-the-art techniques: RIDAN and AODV. The performance evaluations attest the benefits of proposed framework in terms of providing better security for denial of service and intrusion detection attacks.

SECURITY AWARENESS – MAJOR PIECE IN THE PUZZLE OF INFORMATION SECURITY

OpenAIRE

MARIUS PETRESCU; NICOLETA SÎRBU; ANCA-GABRIELA PETRESCU; MIOARA BRABOVEANU

2011-01-01

Information security has come to be recognized as increasingly important because global communication and information systems allow a potentially large number of unauthorized users to access and possibly alter information from around the world. As the dependence on information systems grows, so the security of information networks becomes ever more critical to any entity, no matter if it is a company or a public institution. Information security involves both technology and people. Any securi...

Network Intrusion Forensic Analysis Using Intrusion Detection System

OpenAIRE

Manish Kumar; Dr. M. Hanumanthappa; Dr. T.V. Suresh Kumar

2011-01-01

The need for computer intrusion forensics arises from the alarming increase in the number of computer crimes that are committed annually. After a computer system has been breached and an intrusion has been detected, there is a need for a computer forensics investigation to follow. Computer forensics is used to bring to justice, those responsible for conducting attacks on computer systems throughout the world. Because of this the law must be follow precisely when conducting a forensics investi...

Secure vendor environment (SVE) for PACS

Science.gov (United States)

Honeyman-Buck, Janice; Frost, Meryll

2005-04-01

A Secure Vendor Environment (SVE) was created to protect radiology modalities from network intrusion, worms, viruses, and other forms of damaging attacks. Many vendors do not attempt any form of network security and if an institution demands a non-standard and secure installation, a future system upgrade could and frequently does eliminate any security measures installed during the initial installation. The SVE isolates the vendor equipment behind a virtual firewall on a private network that is invisible to the outside world. All interactions must go though a device containing two network interface cards called an Application Processor that acts as a store-and forward router, performs DICOM repair, proxies modality worklist, and isolates the vendor modalities. A small VPN appliance can open the device temporarily for remote access by vendor engineers. Prior to the routine installation of the SVE, vendor equipment was often attacked by hostile network intruders and viruses or worms, sometimes rendering the equipment unusable until the vendor could reload the system. The resulted in considerable clinical downtime and loss of revenue. Since the relatively low cost SVE solution has routinely been installed with all new equipment, no intrusions have occurred, although our network sniffers and intrusion detectors indicate that we are constantly being scanned for vulnerability. Purpose: To provide a secure network for vendor equipment in a PACS environment while allowing vendor access for upgrades and system repairs. Method: The network administrators at our university believe that network security should be implemented at the machine level rather than relying on a firewall. A firewall solution could conceivably block unwanted intrusion from outside the university network, but would still allow literally thousands of potential network users to get through to the PACS network. All the PACS archive, display and routing systems are individually protected from intrusion, but

Moving towards Cloud Security

Directory of Open Access Journals (Sweden)

Edit Szilvia Rubóczki

2015-01-01

Full Text Available Cloud computing hosts and delivers many different services via Internet. There are a lot of reasons why people opt for using cloud resources. Cloud development is increasing fast while a lot of related services drop behind, for example the mass awareness of cloud security. However the new generation upload videos and pictures without reason to a cloud storage, but only few know about data privacy, data management and the proprietary of stored data in the cloud. In an enterprise environment the users have to know the rule of cloud usage, however they have little knowledge about traditional IT security. It is important to measure the level of their knowledge, and evolve the training system to develop the security awareness. The article proves the importance of suggesting new metrics and algorithms for measuring security awareness of corporate users and employees to include the requirements of emerging cloud security.

NOVEL CONTEXT-AWARE CLUSTERING WITH HIERARCHICAL ADDRESSING (CCHA) FOR THE INTERNET OF THINGS (IoT)

DEFF Research Database (Denmark)

Mahalle, Parikshit N.; Prasad, Neeli R.; Prasad, Ramjee

2013-01-01

As computing technology becomes more tightly coupled into dynamic and mobile world of the Internet of Things (IoT), security mechanism becomes more stringent, less flexible and intrusive. Scalability issue in the IoT makes Identity Management (IdM) of ubiquitous things more challenging. Forming ad......-hoc network, interaction between these nomadic devices to provide seamless service extend the need of new identi-ties to the things, addressing and IdM in the IoT. New identities and identifier format to alleviate the perfor-mance issue is introduced in this paper. This paper pre-sents novel Context......-aware Clustering with Hierarchical Addressing (CCHA) scheme for the things with new identifier format. Simulation results shows that CCHA achieves better performance with less energy expendi-ture, less end-to-end delay and more throughput. Results also show that CCHA significantly reduces the failure probability...

Nuclear and radiological Security: Introduction.

Energy Technology Data Exchange (ETDEWEB)

Miller, James Christopher [Los Alamos National Lab. (LANL), Los Alamos, NM (United States)

2016-02-24

Nuclear security includes the prevention and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer, or other malicious acts involving nuclear or other radioactive substances or their associated facilities. The presentation begins by discussing the concept and its importance, then moves on to consider threats--insider threat, sabotage, diversion of materials--with considerable emphasis on the former. The intrusion at Pelindaba, South Africa, is described as a case study. The distinction between nuclear security and security of radiological and portable sources is clarified, and the international legal framework is touched upon. The paper concludes by discussing the responsibilities of the various entities involved in nuclear security.

Nuclear and radiological Security: Introduction

International Nuclear Information System (INIS)

Miller, James Christopher

2016-01-01

Nuclear security includes the prevention and detection of, and response to, theft, sabotage, unauthorized access, illegal transfer, or other malicious acts involving nuclear or other radioactive substances or their associated facilities. The presentation begins by discussing the concept and its importance, then moves on to consider threats--insider threat, sabotage, diversion of materials--with considerable emphasis on the former. The intrusion at Pelindaba, South Africa, is described as a case study. The distinction between nuclear security and security of radiological and portable sources is clarified, and the international legal framework is touched upon. The paper concludes by discussing the responsibilities of the various entities involved in nuclear security.

Count out your intrusions: Effects of verbal encoding on intrusive memories

NARCIS (Netherlands)

Krans, J.; Näring, G.W.B.; Becker, E.S.

2009-01-01

Peri-traumatic information processing is thought to affect the development of intrusive trauma memories. This study aimed to replicate and improve the study by Holmes, Brewin, and Hennessy (2004, Exp. 3) on the role of peri-traumatic verbal processing in analogue traumatic intrusion development.

Options for human intrusion

International Nuclear Information System (INIS)

Bauser, M.; Williams, R.

1993-01-01

This paper addresses options for dealing with human intrusion in terms of performance requirements and repository siting and design requirements. Options are presented, along with the advantages and disadvantages of certain approaches. At the conclusion, a conceptual approach is offered emphasizing both the minimization of subjective judgements concerning future human activity, and specification of repository requirements to minimize the likelihood of human intrusion and any resulting, harmful effects should intrusion occur

A Secure Routing Protocol for Wireless Sensor Networks Considering Secure Data Aggregation

Directory of Open Access Journals (Sweden)

Triana Mugia Rahayu

2015-06-01

Full Text Available The commonly unattended and hostile deployments of WSNs and their resource-constrained sensor devices have led to an increasing demand for secure energy-efficient protocols. Routing and data aggregation receive the most attention since they are among the daily network routines. With the awareness of such demand, we found that so far there has been no work that lays out a secure routing protocol as the foundation for a secure data aggregation protocol. We argue that the secure routing role would be rendered useless if the data aggregation scheme built on it is not secure. Conversely, the secure data aggregation protocol needs a secure underlying routing protocol as its foundation in order to be effectively optimal. As an attempt for the solution, we devise an energy-aware protocol based on LEACH and ESPDA that combines secure routing protocol and secure data aggregation protocol. We then evaluate its security effectiveness and its energy-efficiency aspects, knowing that there are always trade-off between both.

A Fusion of Multiagent Functionalities for Effective Intrusion Detection System

OpenAIRE

Dhanalakshmi Krishnan Sadhasivan; Kannapiran Balasubramanian

2017-01-01

Provision of high security is one of the active research areas in the network applications. The failure in the centralized system based on the attacks provides less protection. Besides, the lack of update of new attacks arrival leads to the minimum accuracy of detection. The major focus of this paper is to improve the detection performance through the adaptive update of attacking information to the database. We propose an Adaptive Rule-Based Multiagent Intrusion Detection System (ARMA-IDS) to...

An Efficient and Secure m-IPS Scheme of Mobile Devices for Human-Centric Computing

Directory of Open Access Journals (Sweden)

Young-Sik Jeong

2014-01-01

Full Text Available Recent rapid developments in wireless and mobile IT technologies have led to their application in many real-life areas, such as disasters, home networks, mobile social networks, medical services, industry, schools, and the military. Business/work environments have become wire/wireless, integrated with wireless networks. Although the increase in the use of mobile devices that can use wireless networks increases work efficiency and provides greater convenience, wireless access to networks represents a security threat. Currently, wireless intrusion prevention systems (IPSs are used to prevent wireless security threats. However, these are not an ideal security measure for businesses that utilize mobile devices because they do not take account of temporal-spatial and role information factors. Therefore, in this paper, an efficient and secure mobile-IPS (m-IPS is proposed for businesses utilizing mobile devices in mobile environments for human-centric computing. The m-IPS system incorporates temporal-spatial awareness in human-centric computing with various mobile devices and checks users’ temporal spatial information, profiles, and role information to provide precise access control. And it also can extend application of m-IPS to the Internet of things (IoT, which is one of the important advanced technologies for supporting human-centric computing environment completely, for real ubiquitous field with mobile devices.

Improving Accuracy of Intrusion Detection Model Using PCA and optimized SVM

Directory of Open Access Journals (Sweden)

Sumaiya Thaseen Ikram

2016-06-01

Full Text Available Intrusion detection is very essential for providing security to different network domains and is mostly used for locating and tracing the intruders. There are many problems with traditional intrusion detection models (IDS such as low detection capability against unknown network attack, high false alarm rate and insufficient analysis capability. Hence the major scope of the research in this domain is to develop an intrusion detection model with improved accuracy and reduced training time. This paper proposes a hybrid intrusiondetection model by integrating the principal component analysis (PCA and support vector machine (SVM. The novelty of the paper is the optimization of kernel parameters of the SVM classifier using automatic parameter selection technique. This technique optimizes the punishment factor (C and kernel parameter gamma (γ, thereby improving the accuracy of the classifier and reducing the training and testing time. The experimental results obtained on the NSL KDD and gurekddcup dataset show that the proposed technique performs better with higher accuracy, faster convergence speed and better generalization. Minimum resources are consumed as the classifier input requires reduced feature set for optimum classification. A comparative analysis of hybrid models with the proposed model is also performed.

FSM-F: Finite State Machine Based Framework for Denial of Service and Intrusion Detection in MANET.

Directory of Open Access Journals (Sweden)

Malik N Ahmed

Full Text Available Due to the continuous advancements in wireless communication in terms of quality of communication and affordability of the technology, the application area of Mobile Adhoc Networks (MANETs significantly growing particularly in military and disaster management. Considering the sensitivity of the application areas, security in terms of detection of Denial of Service (DoS and intrusion has become prime concern in research and development in the area. The security systems suggested in the past has state recognition problem where the system is not able to accurately identify the actual state of the network nodes due to the absence of clear definition of states of the nodes. In this context, this paper proposes a framework based on Finite State Machine (FSM for denial of service and intrusion detection in MANETs. In particular, an Interruption Detection system for Adhoc On-demand Distance Vector (ID-AODV protocol is presented based on finite state machine. The packet dropping and sequence number attacks are closely investigated and detection systems for both types of attacks are designed. The major functional modules of ID-AODV includes network monitoring system, finite state machine and attack detection model. Simulations are carried out in network simulator NS-2 to evaluate the performance of the proposed framework. A comparative evaluation of the performance is also performed with the state-of-the-art techniques: RIDAN and AODV. The performance evaluations attest the benefits of proposed framework in terms of providing better security for denial of service and intrusion detection attacks.

Intrusion Detection in Bluetooth Enabled Mobile Phones

CSIR Research Space (South Africa)

Nair, Kishor Krishnan

2015-11-23

Full Text Available . Bluetooth Logging Agent (BLA) is a mechanism that has been developed for this purpose. It alleviates the current security issues by making the users aware of their incoming Bluetooth connections and gives them an option to either accept or reject...

INTRUSION DETECTION PREVENTION SYSTEM (IDPS PADA LOCAL AREA NETWORK (LAN

Directory of Open Access Journals (Sweden)

Didit Suhartono

2015-02-01

Full Text Available Penelitian ini berjudul “Intrusion Detection Prevention System Local Area Network (LAN” yang bertujuan untuk memproteksi jaringan dari usaha- usaha penyusupan yang dilakukan oleh seorang intruder. Metode yang digunakan pada penelitian ini adalah menggunakan metode kerangka pikir sebagai acuan dari tahap- tahap penelitian yang penulis lakukan. IDS difungsikan sebagai pendeteksi adanya serangan sesuai rule yang ada kemudian pesan peringatan disimpan dalam database dan dikirim via sms kepada seorang network administrator, sedangkan Firewall digunakan sebagai packet filtering dengan cara menentukan security policy yang dinilai penting. Hasilnya adalah ketika IDS memberikanpesan peringatan ketika ada serangan, seorang network administrator dapat memblok adanya serangan tersebut dengan cara manual dengan firewall, ataupun firewall akan memblok sendiri serangan tersebut sesuai dengan security policy yang diterapkan oleh network adminisrator sebelumnya

Security system

Science.gov (United States)

Baumann, Mark J.; Kuca, Michal; Aragon, Mona L.

2016-02-02

A security system includes a structure having a structural surface. The structure is sized to contain an asset therein and configured to provide a forceful breaching delay. The structure has an opening formed therein to permit predetermined access to the asset contained within the structure. The structure includes intrusion detection features within or associated with the structure that are activated in response to at least a partial breach of the structure.

A Neuro-genetic Based Short-term Forecasting Framework for Network Intrusion Prediction System

Institute of Scientific and Technical Information of China (English)

Siva S. Sivatha Sindhu; S. Geetha; M. Marikannan; A. Kannan

2009-01-01

Information systems are one of the most rapidly changing and vulnerable systems, where security is a major issue. The number of security-breaking attempts originating inside organizations is increasing steadily. Attacks made in this way, usually done by "authorized" users of the system, cannot be immediately traced. Because the idea of filtering the traffic at the entrance door, by using firewalls and the like, is not completely successful, the use of intrusion detection systems should be considered to increase the defense capacity of an information system. An intrusion detection system (IDS) is usually working in a dynamically changing environment, which forces continuous tuning of the intrusion detection model, in order to maintain sufficient performance. The manual tuning process required by current IDS depends on the system operators in working out the tuning solution and in integrating it into the detection model. Furthermore, an extensive effort is required to tackle the newly evolving attacks and a deep study is necessary to categorize it into the respective classes. To reduce this dependence, an automatically evolving anomaly IDS using neuro-genetic algorithm is presented. The proposed system automatically tunes the detection model on the fly according to the feedback provided by the system operator when false predictions are encountered. The system has been evaluated using the Knowledge Discovery in Databases Conference (KDD 2009) intrusion detection dataset. Genetic paradigm is employed to choose the predominant features, which reveal the occurrence of intrusions. The neuro-genetic IDS (NGIDS) involves calculation of weightage value for each of the categorical attributes so that data of uniform representation can be processed by the neuro-genetic algorithm. In this system unauthorized invasion of a user are identified and newer types of attacks are sensed and classified respectively by the neuro-genetic algorithm. The experimental results obtained in this

78 FR 25259 - Notice of Intent To Grant an Exclusive License; Integrata Security, LLC

Science.gov (United States)

2013-04-30

...; Integrata Security, LLC AGENCY: National Security Agency, DoD. ACTION: Notice. SUMMARY: The National Security Agency hereby gives notice of its intent to grant Integrata Security, LLC a revocable, non.... Patent No. 8,069,483 entitled: ``Device for and Method of Wireless Intrusion Detection,'' issued by the U...

A Novel Architecture for Intrusion Detection in Mobile Ad hoc Network

OpenAIRE

Atul Patel; Ruchi Kansara; Dr. Paresh Virparia

2011-01-01

Today’s wireless networks are vulnerable in many ways including illegal use, unauthorized access, denial of service attacks, eavesdropping so called war chalking. These problems are one of the main issues for wider uses of wireless network. On wired network intruder can access by wire but in wireless it has possibilities to access the computer anywhere in neighborhood. However, securing MANETs is highly challenging issue due to their inherent characteristics. Intrusion detection is an importa...

A New Unified Intrusion Anomaly Detection in Identifying Unseen Web Attacks

Directory of Open Access Journals (Sweden)

Muhammad Hilmi Kamarudin

2017-01-01

Full Text Available The global usage of more sophisticated web-based application systems is obviously growing very rapidly. Major usage includes the storing and transporting of sensitive data over the Internet. The growth has consequently opened up a serious need for more secured network and application security protection devices. Security experts normally equip their databases with a large number of signatures to help in the detection of known web-based threats. In reality, it is almost impossible to keep updating the database with the newly identified web vulnerabilities. As such, new attacks are invisible. This research presents a novel approach of Intrusion Detection System (IDS in detecting unknown attacks on web servers using the Unified Intrusion Anomaly Detection (UIAD approach. The unified approach consists of three components (preprocessing, statistical analysis, and classification. Initially, the process starts with the removal of irrelevant and redundant features using a novel hybrid feature selection method. Thereafter, the process continues with the application of a statistical approach to identifying traffic abnormality. We performed Relative Percentage Ratio (RPR coupled with Euclidean Distance Analysis (EDA and the Chebyshev Inequality Theorem (CIT to calculate the normality score and generate a finest threshold. Finally, Logitboost (LB is employed alongside Random Forest (RF as a weak classifier, with the aim of minimising the final false alarm rate. The experiment has demonstrated that our approach has successfully identified unknown attacks with greater than a 95% detection rate and less than a 1% false alarm rate for both the DARPA 1999 and the ISCX 2012 datasets.

Interior intrusion detection systems

Energy Technology Data Exchange (ETDEWEB)

Rodriguez, J.R.; Matter, J.C. (Sandia National Labs., Albuquerque, NM (United States)); Dry, B. (BE, Inc., Barnwell, SC (United States))

1991-10-01

The purpose of this NUREG is to present technical information that should be useful to NRC licensees in designing interior intrusion detection systems. Interior intrusion sensors are discussed according to their primary application: boundary-penetration detection, volumetric detection, and point protection. Information necessary for implementation of an effective interior intrusion detection system is presented, including principles of operation, performance characteristics and guidelines for design, procurement, installation, testing, and maintenance. A glossary of sensor data terms is included. 36 figs., 6 tabs.

Interior intrusion detection systems

International Nuclear Information System (INIS)

Rodriguez, J.R.; Matter, J.C.; Dry, B.

1991-10-01

The purpose of this NUREG is to present technical information that should be useful to NRC licensees in designing interior intrusion detection systems. Interior intrusion sensors are discussed according to their primary application: boundary-penetration detection, volumetric detection, and point protection. Information necessary for implementation of an effective interior intrusion detection system is presented, including principles of operation, performance characteristics and guidelines for design, procurement, installation, testing, and maintenance. A glossary of sensor data terms is included. 36 figs., 6 tabs

Design and implementation of an intrusion detection system based on IPv6 protocol

Science.gov (United States)

Liu, Bin; Li, Zhitang; Li, Yao; Li, Zhanchun

2005-11-01

Network intrusion detection systems (NIDS) are important parts of network security architecture. Although many NIDS have been proposed, there is little effort to expand the current set of NIDS to support IPv6 protocol. This paper presents the design and implementation of a Network-based Intrusion Detection System that supports both IPv6 protocol and IPv4 protocol. It characters rules based logging to perform content pattern matching and detect a variety of attacks and probes from IPv4 and IPv6.There are four primary subsystems to make it up: packet capture, packet decoder, detection engine, and logging and alerting subsystem. A new approach to packet capture that combined NAPI with MMAP is proposed in this paper. The test results show that the efficiency of packet capture can be improved significantly by this method. Several new attack tools for IPv6 have been developed for intrusion detection evaluation. Test shows that more than 20 kinds of IPv6 attacks can be detected by this system and it also has a good performance under heavy traffic load.

Ultrasonic intrusion sensor using the Doppler effect; Choonpa Doppler hoshiki shinnyu sensor

Energy Technology Data Exchange (ETDEWEB)

Kani, H; Iwasaki, N; Goto, M [Nippon Soken, Inc., Tokyo (Japan); Tsuzuki, T; Nakamura, T [Denso Corp., Aichi (Japan)

1997-10-01

For vehicle anti-theft alarm systems which cope with vehicle and car component theft, EU initiated vehicle security regulations from Jan 1997. Also, the insurance industry has instituted the insurance certification of vehicle anti-theft alarm systems. We have developed an ultrasonic intrusion sensor using the doppler effect for vehicle anti-theft alarm systems specifically for these EU regulations and insurance certification. 2 refs., 7 figs., 1 tab.

Security and policy driven computing

CERN Document Server

Liu, Lei

2010-01-01

Security and Policy Driven Computing covers recent advances in security, storage, parallelization, and computing as well as applications. The author incorporates a wealth of analysis, including studies on intrusion detection and key management, computer storage policy, and transactional management.The book first describes multiple variables and index structure derivation for high dimensional data distribution and applies numeric methods to proposed search methods. It also focuses on discovering relations, logic, and knowledge for policy management. To manage performance, the text discusses con

Cyber security of critical infrastructures

Directory of Open Access Journals (Sweden)

Leandros A. Maglaras

2018-03-01

Full Text Available Modern Supervisory Control and Data Acquisition (SCADA systems are essential for monitoring and managing electric power generation, transmission and distribution. In the age of the Internet of Things, SCADA has evolved into big, complex and distributed systems that are prone to be conventional in addition to new threats. Many security methods can be applied to such systems, having in mind that both high efficiency, real time intrusion identification and low overhead are required. Keywords: SCADA systems, Security

Resilient Infrastructure and Building Security

DEFF Research Database (Denmark)

Ingwar, Mads Ingerslew

inference. Persistent authentication offers an effective integrated protection measure that is distributed directly in the facility and is non-intrusive to the public and affordable to the facility owners. Persistent authentication is suitable for security sensitive applications and can help protect...... to authentication that combines traditional access control systems with the sensing technologies and tracking capabilities offered by smart environments. Our approach is called Persistent Authentication for Location-based Services. Persistent authentication enables the secure provision of location-based services...

Situation Awareness with Systems of Systems

NARCIS (Netherlands)

Laar, P. van de; Tretmans, J.; Borth, M.

2013-01-01

This book discusses various aspects, challenges, and solutions for developing systems-of-systems for situation awareness, using applications in the domain of maritime safety and security. Topics include advanced, multi-objective visualization methods for situation awareness, stochastic outlier

Situation awareness with systems of systems

CERN Document Server

Tretmans, Jan; Borth, Michael

2013-01-01

This book discusses various aspects, challenges, and solutions for developing systems-of-systems for situation awareness, using applications in the domain of maritime safety and security.  Topics include advanced, multi-objective visualization methods for situation awareness, stochastic outlier selection, rule-based anomaly detection, an ontology-based event model for semantic reasoning, new methods for semi-automatic generation of adapters bridging communication gaps, security policies for systems-of-systems, trust assessment, and methods to deal with the dynamics of systems-of-systems in run-time monitoring, testing, and diagnosis. Architectural considerations for designing information-centric systems-of-systems such as situation awareness systems, and an integrated demonstrator implementing many of the investigated aspects, complete the book.

Information security practices emerging threats and perspectives

CERN Document Server

Awad, Ahmed; Woungang, Isaac

2017-01-01

This book introduces novel research targeting technical aspects of protecting information security and establishing trust in the digital space. New paradigms, and emerging threats and solutions are presented in topics such as application security and threat management; modern authentication paradigms; digital fraud detection; social engineering and insider threats; cyber threat intelligence; intrusion detection; behavioral biometrics recognition; hardware security analysis. The book presents both the important core and the specialized issues in the areas of protection, assurance, and trust in information security practice. It is intended to be a valuable resource and reference for researchers, instructors, students, scientists, engineers, managers, and industry practitioners. .

Metrics for smart security awareness

CSIR Research Space (South Africa)

Labuschagne, William A

2017-06-01

Full Text Available informing the response teams for reparations. These capabilities are possible by collecting data from the environment and ensuring intelligence is developed to react automatically without human intervention. The concept of smart cities has also been.... The data would be transported to a centralized situational awareness capability for analyses and create the appropriate response in the form of remedial action. The use of threat intelligence feeds could automatically sense the existence of a new threat...

The remote security station (RSS)

International Nuclear Information System (INIS)

Pletta, J.B.

1991-01-01

This paper reports that, as an outgrowth of research into physical security systems, Sandia is investigating robotic technologies for improving physical security performance and flexibility. Robotic systems have the potential to allow more effective utilization of security personnel, especially in scenarios where they might be exposed to harm. They also can supplement fixed site installations where sensors have failed or where transient assets are present. The Remote Security Station (RSS) program for the defense Nuclear Agency is developing a proof-of-principle robotic system which will be used to evaluate the role, and associated cost, of robotic technologies in exterior physical security systems. The RSS consists of three primary elements: a fixed but quickly moveable tripod with intrusion detection sensors and assessment camera; a mobile robotic platform with a functionally identical security module; and a control console which allows an operator to perform security functions and teleoperate the mobile platform

Getting Employees Involved in Information Security: The Case of Strong Passwords

Science.gov (United States)

Taylor, Richard G.

2009-01-01

With the increasing amount and severity of information security incidents, organizations are constantly looking for better ways to protect their information. The implementation of physical safeguards such as firewalls and intrusion detection systems is an integral part on an organization's overall information security; however these safeguards…

Automated Big Traffic Analytics for Cyber Security

OpenAIRE

Miao, Yuantian; Ruan, Zichan; Pan, Lei; Wang, Yu; Zhang, Jun; Xiang, Yang

2018-01-01

Network traffic analytics technology is a cornerstone for cyber security systems. We demonstrate its use through three popular and contemporary cyber security applications in intrusion detection, malware analysis and botnet detection. However, automated traffic analytics faces the challenges raised by big traffic data. In terms of big data's three characteristics --- volume, variety and velocity, we review three state of the art techniques to mitigate the key challenges including real-time tr...

Network security: a survey of modern approaches

International Nuclear Information System (INIS)

Zafar, M.F.; Naheed, F.; Ahmad, Z.; Anwar, M.M.

2008-01-01

Security is an essential element of information technology (IT) infrastructure and applications. Concerns about security of networks and information systems have been growing along with the rapid increase in the number of network users and the value of their transactions. The hasty security threats have driven the development of security products known as Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) to detect and protect the network, server and desktop infrastructure ahead of the threat. Authentication and signing techniques are used to prevent integrity threats. Users, devices, and applications should always be authenticated and authorized before they are allowed to access networking resources. Though a lot of information is available on the internet about IDS and IPS but it all is spread on so many sites and one has to spend a considerable part of his precious time to search it. In this regard a thorough survey has been conducted to facilitate and assist the researchers. The issues and defend challenges in fighting with cyber attacks have been discussed. A comparison of the categories of network security technologies has been presented. In this paper an effort has been made to gather the scattered information and present it at one place. This survey will provide best available up-to-date advancement in the area. A brief description of open source IPS has also been presented. (author)

Wireless Network Security Vulnerabilities and Concerns

Science.gov (United States)

Mushtaq, Ahmad

The dilemma of cyber communications insecurity has existed all the times since the beginning of the network communications. The problems and concerns of unauthorized access and hacking has existed form the time of introduction of world wide web communication and Internet's expansion for popular use in 1990s, and has remained till present time as one of the most important issues. The wireless network security is no exception. Serious and continuous efforts of investigation, research and development has been going on for the last several decades to achieve the goal of provision of 100 percent or full proof security for all the protocols of networking architectures including the wireless networking. Some very reliable and robust strategies have been developed and deployed which has made network communications more and more secure. However, the most desired goal of complete security has yet to see the light of the day. The latest Cyber War scenario, reported in the media of intrusion and hacking of each other's defense and secret agencies between the two super powers USA and China has further aggravated the situation. This sort of intrusion by hackers between other countries such as India and Pakistan, Israel and Middle East countries has also been going on and reported in the media frequently. The paper reviews and critically examines the strategies already in place, for wired network. Wireless Network Security and also suggests some directions and strategies for more robust aspects to be researched and deployed.

Personal computer security: part 1. Firewalls, antivirus software, and Internet security suites.

Science.gov (United States)

Caruso, Ronald D

2003-01-01

Personal computer (PC) security in the era of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) involves two interrelated elements: safeguarding the basic computer system itself and protecting the information it contains and transmits, including personal files. HIPAA regulations have toughened the requirements for securing patient information, requiring every radiologist with such data to take further precautions. Security starts with physically securing the computer. Account passwords and a password-protected screen saver should also be set up. A modern antivirus program can easily be installed and configured. File scanning and updating of virus definitions are simple processes that can largely be automated and should be performed at least weekly. A software firewall is also essential for protection from outside intrusion, and an inexpensive hardware firewall can provide yet another layer of protection. An Internet security suite yields additional safety. Regular updating of the security features of installed programs is important. Obtaining a moderate degree of PC safety and security is somewhat inconvenient but is necessary and well worth the effort. Copyright RSNA, 2003

Addressing software security and mitigations in the life cycle

Science.gov (United States)

Gilliam, David; Powell, John; Haugh, Eric; Bishop, Matt

2004-01-01

Traditionally, security is viewed as an organizational and Information Technology (IT) systems function comprising of firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal Software Security Assessment Instrument (SSAI) with six foci for the software life cycle.

Intrusive luxation of 60 permanent incisors

DEFF Research Database (Denmark)

Tsilingaridis, Georgios; Malmgren, Barbro; Andreasen, Jens O

2012-01-01

  Intrusive luxation in the permanent dentition is an uncommon injury but it is considered one of the most severe types of dental trauma because of the risk for damage to the periodontal ligament, pulp and alveolar bone. Management of intrusive luxation in the permanent dentition is controversial....... The purpose of this study was to evaluate pulp survival and periodontal healing in intrusive luxated permanent teeth in relation to treatment alternatives, degree of intrusion and root development....

Assessing security technology's impact: old tools for new problems.

Science.gov (United States)

Kreissl, Reinhard

2014-09-01

The general idea developed in this paper from a sociological perspective is that some of the foundational categories on which the debate about privacy, security and technology rests are blurring. This process is a consequence of a blurring of physical and digital worlds. In order to define limits for legitimate use of intrusive digital technologies, one has to refer to binary distinctions such as private versus public, human versus technical, security versus insecurity to draw differences determining limits for the use of surveillance technologies. These distinctions developed in the physical world and are rooted in a cultural understanding of pre-digital culture. Attempts to capture the problems emerging with the implementation of security technologies using legal reasoning encounter a number of problems since law is by definition oriented backwards, adapting new developments to existing traditions, whereas the intrusion of new technologies in the physical world produces changes and creates fundamentally new problems.

Intrusion Detection, Diagnosis, and Recovery with Self-Securing Storage

National Research Council Canada - National Science Library

Strunk, John D; Goodson, Garth R; Pennington, Adam G; Soules, Craig A; Ganger, Gregory R

2002-01-01

.... From behind a thin storage interface (e.g., SCSI or CIFS), a self-securing storage server can watch storage requests, keep a record of all storage activity, and prevent compromised clients from destroying stored data...

New Non-Intrusive Inspection Technologies for Nuclear Security and Nonproliferation

Science.gov (United States)

Ledoux, Robert J.

2015-10-01

Comprehensive monitoring of the supply chain for nuclear materials has historically been hampered by non-intrusive inspection systems that have such large false alarm rates that they are impractical in the flow of commerce. Passport Systems, Inc. (Passport) has developed an active interrogation system which detects fissionable material, high Z material, and other contraband in land, sea and air cargo. Passport's design utilizes several detection modalities including high resolution imaging, passive radiation detection, effective-Z (EZ-3D™) anomaly detection, Prompt Neutrons from Photofission (PNPF), and Nuclear Resonance Fluorescence (NRF) isotopic identification. These technologies combine to: detect fissionable, high-Z, radioactive and contraband materials, differentiate fissionable materials from high-Z shielding materials, and isotopically identify actinides, Special Nuclear Materials (SNM), and other contraband (e.g. explosives, drugs, nerve agents). Passport's system generates a 3-D image of the scanned object which contains information such as effective-Z and density, as well as a 2-D image and isotopic and fissionable information for regions of interest.

Building a highly available and intrusion tolerant Database Security and Protection System (DSPS).

Science.gov (United States)

Cai, Liang; Yang, Xiao-Hu; Dong, Jin-Xiang

2003-01-01

Database Security and Protection System (DSPS) is a security platform for fighting malicious DBMS. The security and performance are critical to DSPS. The authors suggested a key management scheme by combining the server group structure to improve availability and the key distribution structure needed by proactive security. This paper detailed the implementation of proactive security in DSPS. After thorough performance analysis, the authors concluded that the performance difference between the replicated mechanism and proactive mechanism becomes smaller and smaller with increasing number of concurrent connections; and that proactive security is very useful and practical for large, critical applications.

[Analysis of intrusion errors in free recall].

Science.gov (United States)

Diesfeldt, H F A

2017-06-01

Extra-list intrusion errors during five trials of the eight-word list-learning task of the Amsterdam Dementia Screening Test (ADST) were investigated in 823 consecutive psychogeriatric patients (87.1% suffering from major neurocognitive disorder). Almost half of the participants (45.9%) produced one or more intrusion errors on the verbal recall test. Correct responses were lower when subjects made intrusion errors, but learning slopes did not differ between subjects who committed intrusion errors and those who did not so. Bivariate regression analyses revealed that participants who committed intrusion errors were more deficient on measures of eight-word recognition memory, delayed visual recognition and tests of executive control (the Behavioral Dyscontrol Scale and the ADST-Graphical Sequences as measures of response inhibition). Using hierarchical multiple regression, only free recall and delayed visual recognition retained an independent effect in the association with intrusion errors, such that deficient scores on tests of episodic memory were sufficient to explain the occurrence of intrusion errors. Measures of inhibitory control did not add significantly to the explanation of intrusion errors in free recall, which makes insufficient strength of memory traces rather than a primary deficit in inhibition the preferred account for intrusion errors in free recall.

Social engineering awareness in Nuclear Malaysia

International Nuclear Information System (INIS)

Mohd Dzul Aiman bin Aslan; Mohamad Safuan bin Sulaiman; Abdul Muin bin Abdul Rahman

2010-01-01

Social engineering is the best tools to infiltrate an organization weakness. It can go bypass the best fire wall or Intrusion Detection System (IDS) the organization ever had, effectively. Nuclear Malaysia staffs should aware of this technique as information protection it is not only depends on paper and computer. This paper consist a few test cases including e mail, dump ster diving, phishing, malicious web content, and impersonation to acknowledge all Nuclear Malaysia staffs about the method, effect and prevention of social engineering. (author)

Network Based Intrusion Detection and Prevention Systems in IP-Level Security Protocols

OpenAIRE

R. Kabila

2008-01-01

IPsec has now become a standard information security technology throughout the Internet society. It provides a well-defined architecture that takes into account confidentiality, authentication, integrity, secure key exchange and protection mechanism against replay attack also. For the connectionless security services on packet basis, IETF IPsec Working Group has standardized two extension headers (AH&ESP), key exchange and authentication protocols. It is also working on l...

Radioactive Waste SECURITY

International Nuclear Information System (INIS)

Brodowski, R.; Drapalik, M.; Gepp, C.; Gufler, K.; Sholly, S.

2010-01-01

The purpose of this work is to investigate the safety requirements for a radioactive waste repository, the fundamental problems involved and the legislative rules and arrangements for doing so. As the title already makes clear, the focus of this work is on aspects that can be assigned to the security sector - ie the security against the influence of third parties - and are to be distinguished from safety measures for the improvement of the technical safety aspects. In this context, mention is made of events such as human intrusion into guarded facilities, whereas e.g. a geological analysis on seismic safety is not discussed. For a variety of reasons, the consideration of security nuclear waste repositories in public discussions is increasingly taking a back seat, as ia. Terrorist threats can be considered as negligible risk or well calculable. Depending on the type of storage, different security aspects still have to be considered. (roessner)

A Metrics-Based Approach to Intrusion Detection System Evaluation for Distributed Real-Time Systems

Science.gov (United States)

2002-04-01

Based Approach to Intrusion Detection System Evaluation for Distributed Real - Time Systems Authors: G. A. Fink, B. L. Chappell, T. G. Turner, and...Distributed, Security. 1 Introduction Processing and cost requirements are driving future naval combat platforms to use distributed, real - time systems of...distributed, real - time systems . As these systems grow more complex, the timing requirements do not diminish; indeed, they may become more constrained

ICT security management

OpenAIRE

SCHREURS, Jeanne; MOREAU, Rachel

2007-01-01

Security becomes more and more important and companies are aware that it has become a management problem. It’s critical to know what are the critical resources and processes of the company and their weaknesses. A security audit can be a handy solution. We have developed BEVA, a method to critically analyse the company and to uncover the weak spots in the security system. BEVA results also in a general security score and security scores for each security factor. These will be used in the risk ...

Information fusion for cyber-security analytics

CERN Document Server

Karabatis, George; Aleroud, Ahmed

2017-01-01

This book highlights several gaps that have not been addressed in existing cyber security research. It first discusses the recent attack prediction techniques that utilize one or more aspects of information to create attack prediction models. The second part is dedicated to new trends on information fusion and their applicability to cyber security; in particular, graph data analytics for cyber security, unwanted traffic detection and control based on trust management software defined networks, security in wireless sensor networks & their applications, and emerging trends in security system design using the concept of social behavioral biometric. The book guides the design of new commercialized tools that can be introduced to improve the accuracy of existing attack prediction models. Furthermore, the book advances the use of Knowledge-based Intrusion Detection Systems (IDS) to complement existing IDS technologies. It is aimed towards cyber security researchers. .

A Comparative Study of Data Mining Algorithms for High Detection Rate in Intrusion Detection System

Directory of Open Access Journals (Sweden)

Nabeela Ashraf

2018-01-01

Full Text Available Due to the fast growth and tradition of the internet over the last decades, the network security problems are increasing vigorously. Humans can not handle the speed of processes and the huge amount of data required to handle network anomalies. Therefore, it needs substantial automation in both speed and accuracy. Intrusion Detection System is one of the approaches to recognize illegal access and rare attacks to secure networks. In this proposed paper, Naive Bayes, J48 and Random Forest classifiers are compared to compute the detection rate and accuracy of IDS. For experiments, the KDD_NSL dataset is used.

The Personal Information Security Assistant

NARCIS (Netherlands)

Kegel, Roeland Hendrik,Pieter

The human element is often found to be the weakest link in the information security chain. The Personal Information Security Assistant project aims to address this by improving the privacy and security awareness of end-users and by aligning the user's personal IT environment to the user's security

An international perspective on Facebook intrusion.

Science.gov (United States)

Błachnio, Agata; Przepiorka, Aneta; Benvenuti, Martina; Cannata, Davide; Ciobanu, Adela Magdalena; Senol-Durak, Emre; Durak, Mithat; Giannakos, Michail N; Mazzoni, Elvis; Pappas, Ilias O; Popa, Camelia; Seidman, Gwendolyn; Yu, Shu; Wu, Anise M S; Ben-Ezra, Menachem

2016-08-30

Facebook has become one of the most popular social networking websites in the world. The main aim of the study was to present an international comparison of Facebook intrusion and Internet penetration while examining possible gender differences. The study consisted of 2589 participants from eight countries: China, Greece, Israel, Italy, Poland, Romania, Turkey, USA. Facebook intrusion and Internet penetration were taken into consideration. In this study the relationship between Facebook intrusion and Internet penetration was demonstrated. Facebook intrusion was slightly negatively related to Internet penetration in each country. Copyright © 2016 Elsevier Ireland Ltd. All rights reserved.

Medical Information Security

OpenAIRE

William C. Figg, Ph.D.; Hwee Joo Kam, M.S.

2011-01-01

Modern medicine is facing a complex environment, not from medical technology but rather government regulations and information vulnerability. HIPPA is the government’s attempt to protect patient’s information yet this only addresses traditional record handling. The main threat is from the evolving security issues. Many medical offices and facilities have multiple areas of information security concerns. Physical security is often weak, office personnel are not always aware of security needs an...

Design and Implementation of a Secure Modbus Protocol

Science.gov (United States)

Fovino, Igor Nai; Carcano, Andrea; Masera, Marcelo; Trombetta, Alberto

The interconnectivity of modern and legacy supervisory control and data acquisition (SCADA) systems with corporate networks and the Internet has significantly increased the threats to critical infrastructure assets. Meanwhile, traditional IT security solutions such as firewalls, intrusion detection systems and antivirus software are relatively ineffective against attacks that specifically target vulnerabilities in SCADA protocols. This paper describes a secure version of the Modbus SCADA protocol that incorporates integrity, authentication, non-repudiation and anti-replay mechanisms. Experimental results using a power plant testbed indicate that the augmented protocol provides good security functionality without significant overhead.

Embedding security messages in existing processes: a pragmatic and effective approach to information security culture change

CERN Document Server

Lopienski, Sebastian

Companies and organizations world-wide depend more and more on IT infrastructure and operations. Computer systems store vital information and sensitive data; computing services are essential for main business processes. This high dependency comes with a number of security risks, which have to be managed correctly on technological, organizational and human levels. Addressing the human aspects of information security often boils down just to procedures, training and awareness raising. On the other hand, employees and collaborators do not adopt security attitude and habits simply when told to do so – a real change in behaviour requires an established security culture. But how to introduce a security culture? This thesis outlines the need of developing or improving security culture, and discusses how this can be done. The proposed approach is to gradually build security knowledge and awareness, and influence behaviours. The way to achieve this is to make security communication pervasive by embedding security me...

Design of a Secure System Considering Quality of Service

Directory of Open Access Journals (Sweden)

Seondong Heo

2014-11-01

Full Text Available Improvements in networking technologies have provided users with useful information services. Such information services may bring convenience and efficiency, but might be accompanied by vulnerabilities to a variety of attacks. Therefore, a variety of research to enhance the security of the systems and get the services at the same time has been carried out. Especially, research on intrusion-tolerant systems (ITSs has been conducted in order to survive against every intrusion, rather than to detect and prevent them. In this paper, an ITS based on effective resource conversion (ERC is presented to achieve the goal of intrusion-tolerance. Instead of using the fixed number of virtual machines (VMs to process requests and recover as in conventional approaches, the ITS based on ERC can transform the assigned resources depending on the system status. This scheme is proved to maintain a certain level of quality of service (QoS and quality of security service (QoSS in threatening environments. The performance of ERC is compared with previous studies on ITS by CSIM 20, and it is verified that the proposed scheme is more effective in retaining a specific level of QoS and QoSS.

Provide a model to improve the performance of intrusion detection systems in the cloud

OpenAIRE

Foroogh Sedighi

2016-01-01

High availability of tools and service providers in cloud computing and the fact that cloud computing services are provided by internet and deal with public, have caused important challenges for new computing model. Cloud computing faces problems and challenges such as user privacy, data security, data ownership, availability of services, and recovery after breaking down, performance, scalability, programmability. So far, many different methods are presented for detection of intrusion in clou...

Nuclear power plant security systems - The need for upgrades

International Nuclear Information System (INIS)

Murskyj, M.P.; Furlow, C.H.

1989-01-01

Most perimeter security systems for nuclear power plants were designed and installed in the late 1970s or early 1980s. This paper explores the need to regularly evaluate and possibly upgrade a security system in the area of perimeter intrusion detection and surveillance. this paper discusses US Nuclear Regulatory Commission audits and regulatory effectiveness reviews (RERs), which have raised issues regarding the performance of perimeter security systems. The audits and RERs identified various degrees of vulnerability in certain aspects of existing perimeter security systems. In addition to reviewing the regulatory concerns, this paper discusses other reasons to evaluate and/or upgrade a perimeter security system

A two-stage flow-based intrusion detection model for next-generation networks.

Science.gov (United States)

Umer, Muhammad Fahad; Sher, Muhammad; Bi, Yaxin

2018-01-01

The next-generation network provides state-of-the-art access-independent services over converged mobile and fixed networks. Security in the converged network environment is a major challenge. Traditional packet and protocol-based intrusion detection techniques cannot be used in next-generation networks due to slow throughput, low accuracy and their inability to inspect encrypted payload. An alternative solution for protection of next-generation networks is to use network flow records for detection of malicious activity in the network traffic. The network flow records are independent of access networks and user applications. In this paper, we propose a two-stage flow-based intrusion detection system for next-generation networks. The first stage uses an enhanced unsupervised one-class support vector machine which separates malicious flows from normal network traffic. The second stage uses a self-organizing map which automatically groups malicious flows into different alert clusters. We validated the proposed approach on two flow-based datasets and obtained promising results.

Attack Pattern Analysis Framework for a Multiagent Intrusion Detection System

Directory of Open Access Journals (Sweden)

Krzysztof Juszczyszyn

2008-08-01

Full Text Available The paper proposes the use of attack pattern ontology and formal framework for network traffic anomalies detection within a distributed multi-agent Intrusion Detection System architecture. Our framework assumes ontology-based attack definition and distributed processing scheme with exchange of communicates between agents. The role of traffic anomalies detection was presented then it has been discussed how some specific values characterizing network communication can be used to detect network anomalies caused by security incidents (worm attack, virus spreading. Finally, it has been defined how to use the proposed techniques in distributed IDS using attack pattern ontology.

Hybrid Security Policies

Directory of Open Access Journals (Sweden)

Radu CONSTANTINESCU

2006-01-01

Full Text Available Policy is defined as the rules and regulations set by the organization. They are laid down by management in compliance with industry regulations, law and internal decisions. Policies are mandatory. Security policies rules how the information is protected against security vulnerabilities and they are the basis for security awareness, training and vital for security audits. Policies are focused on desired results. The means of achieving the goals are defined on controls, standards and procedures.

Computer Security: the security marathon, part 2

CERN Multimedia

Computer Security Team

2014-01-01

Do you recall our latest article on the “Security Marathon” (see here) and why it’s wrong to believe that computer security is a sprint, that a quick hack is invulnerable, that quick bug-fixing is sufficient, that plugging security measures on top of existing structures is a good idea, that once you are secure, your life is cosy?   In fact, security is a marathon for us too. Again and again, we have felt comfortable with the security situation at CERN, with dedicated protections deployed on individual hosts, with the security measures deployed by individual service managers, with the attentiveness and vigilance of our users, and with the responsiveness of the Management. Again and again, however, we subsequently detect or receive reports that this is wrong, that protections are incomplete, that security measures are incomplete, that security awareness has dropped. Thus, unfortunately, we often have to go back to square one and address similar issues over and over...

Information security protecting the global enterprise

CERN Document Server

Pipkin, Donald L

2000-01-01

In this book, IT security expert Donald Pipkin addresses every aspect of information security: the business issues, the technical process issues, and the legal issues. Pipkin starts by reviewing the key business issues: estimating the value of information assets, evaluating the cost to the organization if they are lost or disclosed, and determining the appropriate levels of protection and response to security incidents. Next, he walks through the technical processes required to build a consistent, reasonable information security system, with appropriate intrusion detection and reporting features. Finally, Pipkin reviews the legal issues associated with information security, including corporate officers' personal liability for taking care that information is protected. The book's coverage is applicable to businesses of any size, from 50 employees to 50,000 or more, and ideal for everyone who needs at least a basic understanding of information security: network/system administrators, managers, planners, archite...

An Impact Assessment Model for Distributed Adaptive Security Situation Assessment

National Research Council Canada - National Science Library

Heckman, Mark; Joshi, Nikhil; Tylutki, Marcus; Levitt, Karl; Just, James; Clough, Lawrence

2005-01-01

The goal of any intrusion detection, anti-virus, firewall or other security mechanism is not simply to stop attacks, but to protect a computing resource so that the resource can continue to perform its function...

Saltwater intrusion monitoring in Florida

Science.gov (United States)

Prinos, Scott T.

2016-01-01

Florida's communities are largely dependent on freshwater from groundwater aquifers. Existing saltwater in the aquifers, or seawater that intrudes parts of the aquifers that were fresh, can make the water unusable without additional processing. The quality of Florida's saltwater intrusion monitoring networks varies. In Miami-Dade and Broward Counties, for example, there is a well-designed network with recently constructed short open-interval monitoring wells that bracket the saltwater interface in the Biscayne aquifer. Geochemical analyses of water samples from the network help scientists evaluate pathways of saltwater intrusion and movement of the saltwater interface. Geophysical measurements, collected in these counties, aid the mapping of the saltwater interface and the design of monitoring networks. In comparison, deficiencies in the Collier County monitoring network include the positioning of monitoring wells, reliance on wells with long open intervals that when sampled might provide questionable results, and the inability of existing analyses to differentiate between multiple pathways of saltwater intrusion. A state-wide saltwater intrusion monitoring network is being planned; the planned network could improve saltwater intrusion monitoring by adopting the applicable strategies of the networks of Miami-Dade and Broward Counties, and by addressing deficiencies such as those described for the Collier County network.

Acknowledging the dilemmas of intrusive media

DEFF Research Database (Denmark)

Mathieu, David; Finger, Juliane; Dias, Patrcia

2017-01-01

Part of the stakeholder consultation addressed strategies that media audiences are developing to cope with pressures and intrusions in a changing media environment, characterised by digitalisation and interactive possibilities. We interviewed ten stakeholders representing interests such as content...... production, media literacy, media regulation, and activism. Consulting with these stakeholders left the impression that pressures and intrusions from media lack widespread acknowledgement, and that little is known about audiences’ strategies to cope with media. Even when intrusions are acknowledged, we find...... no consensual motivation, nor any clear avenue for action. Therefore, we have analysed different discursive positions that prevent acknowledging or taking action upon the pressures and intrusions that we presented to these stakeholders. The discursive positions are outlined below....

An Autonomic Framework for Integrating Security and Quality of Service Support in Databases

Science.gov (United States)

Alomari, Firas

2013-01-01

The back-end databases of multi-tiered applications are a major data security concern for enterprises. The abundance of these systems and the emergence of new and different threats require multiple and overlapping security mechanisms. Therefore, providing multiple and diverse database intrusion detection and prevention systems (IDPS) is a critical…

Is mindfulness-based therapy an effective intervention for obsessive-intrusive thoughts: a case series.

Science.gov (United States)

Wilkinson-Tough, Megan; Bocci, Laura; Thorne, Kirsty; Herlihy, Jane

2010-01-01

Despite the efficacy of cognitive-behavioural interventions in improving the experience of obsessions and compulsions, some people do not benefit from this approach. The present research uses a case series design to establish whether mindfulness-based therapy could benefit those experiencing obsessive-intrusive thoughts by targeting thought-action fusion and thought suppression. Three participants received a relaxation control intervention followed by a six-session mindfulness-based intervention which emphasized daily practice. Following therapy all participants demonstrated reductions in Yale-Brown Obsessive-Compulsive Scale scores to below clinical levels, with two participants maintaining this at follow-up. Qualitative analysis of post-therapy feedback suggested that mindfulness skills such as observation, awareness and acceptance were seen as helpful in managing thought-action fusion and suppression. Despite being limited by small participant numbers, these results suggest that mindfulness may be beneficial to some people experiencing intrusive unwanted thoughts and that further research could establish the possible efficacy of this approach in larger samples. Copyright (c) 2009 John Wiley & Sons, Ltd.

Zero Trust Intrusion Containment for Telemedicine

National Research Council Canada - National Science Library

Sood, Arun

2002-01-01

.... Our objective is the design and analysis of 'zero-trust' Intrusion Tolerant Systems. These are systems built under the extreme assumption that all intrusion detection techniques will eventually fail...

BLACK HOLE ATTACK IN AODV & FRIEND FEATURES UNIQUE EXTRACTION TO DESIGN DETECTION ENGINE FOR INTRUSION DETECTION SYSTEM IN MOBILE ADHOC NETWORK

Directory of Open Access Journals (Sweden)

HUSAIN SHAHNAWAZ

2012-10-01

Full Text Available Ad-hoc network is a collection of nodes that are capable to form dynamically a temporary network without the support of any centralized fixed infrastructure. Since there is no central controller to determine the reliable & secure communication paths in Mobile Adhoc Network, each node in the ad hoc network has to rely on each other in order to forward packets, thus highly cooperative nodes are required to ensure that the initiated data transmission process does not fail. In a mobile ad hoc network (MANET where security is a crucial issue and they are forced to rely on the neighbor node, trust plays an important role that could improve the number of successful data transmission. Larger the number of trusted nodes, higher successful data communication process rates could be expected. In this paper, Black Hole attack is applied in the network, statistics are collected to design intrusion detection engine for MANET Intrusion Detection System (IDS. Feature extraction and rule inductions are applied to find out the accuracy of detection engine by using support vector machine. In this paper True Positive generated by the detection engine is very high and this is a novel approach in the area of Mobile Adhoc Intrusion detection system.

Defining information security education, training, and awareness needs using electronic meeting space

Science.gov (United States)

Schou, Corey D.; Frost, James; Wingert, Nathan; Maconachy, W. V.

1999-01-01

The United States is at target. For those of us who grew up curing the cold war this is not news; however, the threat is different than it has been in the past. Now it may be another super power or it may be a teenage child with a personal computer. Both government and civilian entities are potential targets. The national information infrastructure (NII) is the real target. The determined hacker can bring down not only government systems, but the power-grid, the financial system, or the air traffic control system as well. All organizations must be aware of the threat and be prepared to react appropriately. Of course, the federal government has begun to protect their critical systems. However, many American corporations have not yet fully protected their systems. Since there is a common threat, common standards for countermeasures are applicable. This paper reports on the use of an electronic meeting room technology by government, industry, and academia to establish a national training standard. If you are a CIO or advise one about security matters, these standards are important.

Hybrid Intrusion Detection System for DDoS Attacks

Directory of Open Access Journals (Sweden)

Özge Cepheli

2016-01-01

Full Text Available Distributed denial-of-service (DDoS attacks are one of the major threats and possibly the hardest security problem for today’s Internet. In this paper we propose a hybrid detection system, referred to as hybrid intrusion detection system (H-IDS, for detection of DDoS attacks. Our proposed detection system makes use of both anomaly-based and signature-based detection methods separately but in an integrated fashion and combines the outcomes of both detectors to enhance the overall detection accuracy. We apply two distinct datasets to our proposed system in order to test the detection performance of H-IDS and conclude that the proposed hybrid system gives better results than the systems based on nonhybrid detection.

A Systematic Approach for Understanding and Modeling the Performance of Network Security Devices

OpenAIRE

Beyene, Yordanos

2014-01-01

In this dissertation, we attempt to understand and predict the performance of security devices. More specifically, we examine the following types of questions: (a) Given a security device, and a traffic load, can we predict the performance of the device? (b) Given a traffic load and a security device, how can we tune the performance of the device to achieve the desired trade-off between security and performance? We consider both stateful firewalls and Network Intrusion Prevention systems (NIP...

10 CFR 95.33 - Security education.

Science.gov (United States)

2010-01-01

... 10 Energy 2 2010-01-01 2010-01-01 false Security education. 95.33 Section 95.33 Energy NUCLEAR... INFORMATION AND RESTRICTED DATA Physical Security § 95.33 Security education. All cleared employees must be... information. The facility may obtain defensive security, threat awareness, and other education and training...

Control Systems Cyber Security Standards Support Activities

Energy Technology Data Exchange (ETDEWEB)

Robert Evans

2009-01-01

The Department of Homeland Security’s Control Systems Security Program (CSSP) is working with industry to secure critical infrastructure sectors from cyber intrusions that could compromise control systems. This document describes CSSP’s current activities with industry organizations in developing cyber security standards for control systems. In addition, it summarizes the standards work being conducted by organizations within the sector and provides a brief listing of sector meetings and conferences that might be of interest for each sector. Control systems cyber security standards are part of a rapidly changing environment. The participation of CSSP in the development effort for these standards has provided consistency in the technical content of the standards while ensuring that information developed by CSSP is included.

Duo: Software Defined Intrusion Tolerant System Using Dual Cluster

Directory of Open Access Journals (Sweden)

Yongjae Lee

2018-01-01

Full Text Available An intrusion tolerant system (ITS is a network security system that is composed of redundant virtual servers that are online only in a short time window, called exposure time. The servers are periodically recovered to their clean state, and any infected servers are refreshed again, so attackers have insufficient time to succeed in breaking into the servers. However, there is a conflicting interest in determining exposure time, short for security and long for performance. In other words, the short exposure time can increase security but requires more servers to run in order to process requests in a timely manner. In this paper, we propose Duo, an ITS incorporated in SDN, which can reduce exposure time without consuming computing resources. In Duo, there are two types of servers: some servers with long exposure time (White server and others with short exposure time (Gray server. Then, Duo classifies traffic into benign and suspicious with the help of SDN/NFV technology that also allows dynamically forwarding the classified traffic to White and Gray servers, respectively, based on the classification result. By reducing exposure time of a set of servers, Duo can decrease exposure time on average. We have implemented the prototype of Duo and evaluated its performance in a realistic environment.

From intrusive to oscillating thoughts.

Science.gov (United States)

Peirce, Anne Griswold

2007-10-01

This paper focused on the possibility that intrusive thoughts (ITs) are a form of an evolutionary, adaptive, and complex strategy to prepare for and resolve stressful life events through schema formation. Intrusive thoughts have been studied in relation to individual conditions, such as traumatic stress disorder and obsessive-compulsive disorder. They have also been documented in the average person experiencing everyday stress. In many descriptions of thought intrusion, it is accompanied by thought suppression. Several theories have been put forth to describe ITs, although none provides a satisfactory explanation as to whether ITs are a normal process, a normal process gone astray, or a sign of pathology. There is also no consistent view of the role that thought suppression plays in the process. I propose that thought intrusion and thought suppression may be better understood by examining them together as a complex and adaptive mechanism capable of escalating in times of need. The ability of a biological mechanism to scale up in times of need is one hallmark of a complex and adaptive system. Other hallmarks of complexity, including self-similarity across scales, sensitivity to initial conditions, presence of feedback loops, and system oscillation, are also discussed in this article. Finally, I propose that thought intrusion and thought suppression are better described together as an oscillatory cycle.

Intrusion Prevention and Detection in Grid Computing - The ALICE Case

CERN Document Server

INSPIRE-00416173; Kebschull, Udo

2015-01-01

Grids allow users flexible on-demand usage of computing resources through remote communication networks. A remarkable example of a Grid in High Energy Physics (HEP) research is used in the ALICE experiment at European Organization for Nuclear Research CERN. Physicists can submit jobs used to process the huge amount of particle collision data produced by the Large Hadron Collider (LHC). Grids face complex security challenges. They are interesting targets for attackers seeking for huge computational resources. Since users can execute arbitrary code in the worker nodes on the Grid sites, special care should be put in this environment. Automatic tools to harden and monitor this scenario are required. Currently, there is no integrated solution for such requirement. This paper describes a new security framework to allow execution of job payloads in a sandboxed context. It also allows process behavior monitoring to detect intrusions, even when new attack methods or zero day vulnerabilities are exploited, by a Machin...

Attacks and intrusion detection in wireless sensor networks of industrial SCADA systems

Science.gov (United States)

Kamaev, V. A.; Finogeev, A. G.; Finogeev, A. A.; Parygin, D. S.

2017-01-01

The effectiveness of automated process control systems (APCS) and supervisory control and data acquisition systems (SCADA) information security depends on the applied protection technologies of transport environment data transmission components. This article investigates the problems of detecting attacks in wireless sensor networks (WSN) of SCADA systems. As a result of analytical studies, the authors developed the detailed classification of external attacks and intrusion detection in sensor networks and brought a detailed description of attacking impacts on components of SCADA systems in accordance with the selected directions of attacks.

Proposed Network Intrusion Detection System ‎Based on Fuzzy c Mean Algorithm in Cloud ‎Computing Environment

Directory of Open Access Journals (Sweden)

Shawq Malik Mehibs

2017-12-01

Full Text Available Nowadays cloud computing had become is an integral part of IT industry, cloud computing provides Working environment allow a user of environmental to share data and resources over the internet. Where cloud computing its virtual grouping of resources offered over the internet, this lead to different matters related to the security and privacy in cloud computing. And therefore, create intrusion detection very important to detect outsider and insider intruders of cloud computing with high detection rate and low false positive alarm in the cloud environment. This work proposed network intrusion detection module using fuzzy c mean algorithm. The kdd99 dataset used for experiments .the proposed system characterized by a high detection rate with low false positive alarm

Research on the technology of detecting the SQL injection attack and non-intrusive prevention in WEB system

Science.gov (United States)

Hu, Haibin

2017-05-01

Among numerous WEB security issues, SQL injection is the most notable and dangerous. In this study, characteristics and procedures of SQL injection are analyzed, and the method for detecting the SQL injection attack is illustrated. The defense resistance and remedy model of SQL injection attack is established from the perspective of non-intrusive SQL injection attack and defense. Moreover, the ability of resisting the SQL injection attack of the server has been comprehensively improved through the security strategies on operation system, IIS and database, etc.. Corresponding codes are realized. The method is well applied in the actual projects.

An Intrusion Detection System for the Protection of Railway Assets Using Fiber Bragg Grating Sensors

Directory of Open Access Journals (Sweden)

Angelo Catalano

2014-09-01

Full Text Available We demonstrate the ability of Fiber Bragg Gratings (FBGs sensors to protect large areas from unauthorized activities in railway scenarios such as stations or tunnels. We report on the technological strategy adopted to protect a specific depot, representative of a common scenario for security applications in the railway environment. One of the concerns in the protection of a railway area centers on the presence of rail-tracks, which cannot be obstructed with physical barriers. We propose an integrated optical fiber system composed of FBG strain sensors that can detect human intrusion for protection of the perimeter combined with FBG accelerometer sensors for protection of rail-track access. Several trials were carried out in indoor and outdoor environments. The results demonstrate that FBG strain sensors bonded under a ribbed rubber mat enable the detection of intruder break-in via the pressure induced on the mat, whereas the FBG accelerometers installed under the rails enable the detection of intruders walking close to the railroad tracks via the acoustic surface waves generated by footsteps. Based on a single enabling technology, this integrated system represents a valuable intrusion detection system for railway security and could be integrated with other sensing functionalities in the railway field using fiber optic technology.

Enhancing Trust Management for Wireless Intrusion Detection via Traffic Sampling in the Era of Big Data

DEFF Research Database (Denmark)

Meng, Weizhi; Li, Wenjuan; Su, Chunhua

2017-01-01

many kinds of information among sensors, whereas such network is vulnerable to a wide range of attacks, especially insider attacks, due to its natural environment and inherent unreliable transmission. To safeguard its security, intrusion detection systems (IDSs) are widely adopted in a WSN to defend...... against insider attacks through implementing proper trustbased mechanisms. However, in the era of big data, sensors may generate excessive information and data, which could degrade the effectiveness of trust computation. In this paper, we focus on this challenge and propose a way of combining Bayesian......-based trust management with traffic sampling for wireless intrusion detection under a hierarchical structure. In the evaluation, we investigate the performance of our approach in both a simulated and a real network environment. Experimental results demonstrate that packet-based trust management would become...

Towards Effective Network Intrusion Detection: A Hybrid Model Integrating Gini Index and GBDT with PSO

Directory of Open Access Journals (Sweden)

Longjie Li

2018-01-01

Full Text Available In order to protect computing systems from malicious attacks, network intrusion detection systems have become an important part in the security infrastructure. Recently, hybrid models that integrating several machine learning techniques have captured more attention of researchers. In this paper, a novel hybrid model was proposed with the purpose of detecting network intrusion effectively. In the proposed model, Gini index is used to select the optimal subset of features, the gradient boosted decision tree (GBDT algorithm is adopted to detect network attacks, and the particle swarm optimization (PSO algorithm is utilized to optimize the parameters of GBDT. The performance of the proposed model is experimentally evaluated in terms of accuracy, detection rate, precision, F1-score, and false alarm rate using the NSL-KDD dataset. Experimental results show that the proposed model is superior to the compared methods.

Connecting to the Internet Securely; Protecting Home Networks CIAC-2324

Energy Technology Data Exchange (ETDEWEB)

Orvis, W J; Krystosek, P; Smith, J

2002-11-27

With more and more people working at home and connecting to company networks via the Internet, the risk to company networks to intrusion and theft of sensitive information is growing. Working from home has many positive advantages for both the home worker and the company they work for. However, as companies encourage people to work from home, they need to start considering the interaction of the employee's home network and the company network he connects to. This paper discusses problems and solutions related to protection of home computers from attacks on those computers via the network connection. It does not consider protection of those systems from people who have physical access to the computers nor does it consider company laptops taken on-the-road. Home networks are often targeted by intruders because they are plentiful and they are usually not well secured. While companies have departments of professionals to maintain and secure their networks, home networks are maintained by the employee who may be less knowledgeable about network security matters. The biggest problems with home networks are that: Home networks are not designed to be secure and may use technologies (wireless) that are not secure; The operating systems are not secured when they are installed; The operating systems and applications are not maintained (for security considerations) after they are installed; and The networks are often used for other activities that put them at risk for being compromised. Home networks that are going to be connected to company networks need to be cooperatively secured by the employee and the company so they do not open up the company network to intruders. Securing home networks involves many of the same operations as securing a company network: Patch and maintain systems; Securely configure systems; Eliminate unneeded services; Protect remote logins; Use good passwords; Use current antivirus software; and Moderate your Internet usage habits. Most of these

Integrated homeland security system with passive thermal imaging and advanced video analytics

Science.gov (United States)

Francisco, Glen; Tillman, Jennifer; Hanna, Keith; Heubusch, Jeff; Ayers, Robert

2007-04-01

A complete detection, management, and control security system is absolutely essential to preempting criminal and terrorist assaults on key assets and critical infrastructure. According to Tom Ridge, former Secretary of the US Department of Homeland Security, "Voluntary efforts alone are not sufficient to provide the level of assurance Americans deserve and they must take steps to improve security." Further, it is expected that Congress will mandate private sector investment of over $20 billion in infrastructure protection between 2007 and 2015, which is incremental to funds currently being allocated to key sites by the department of Homeland Security. Nearly 500,000 individual sites have been identified by the US Department of Homeland Security as critical infrastructure sites that would suffer severe and extensive damage if a security breach should occur. In fact, one major breach in any of 7,000 critical infrastructure facilities threatens more than 10,000 people. And one major breach in any of 123 facilities-identified as "most critical" among the 500,000-threatens more than 1,000,000 people. Current visible, nightvision or near infrared imaging technology alone has limited foul-weather viewing capability, poor nighttime performance, and limited nighttime range. And many systems today yield excessive false alarms, are managed by fatigued operators, are unable to manage the voluminous data captured, or lack the ability to pinpoint where an intrusion occurred. In our 2006 paper, "Critical Infrastructure Security Confidence Through Automated Thermal Imaging", we showed how a highly effective security solution can be developed by integrating what are now available "next-generation technologies" which include: Thermal imaging for the highly effective detection of intruders in the dark of night and in challenging weather conditions at the sensor imaging level - we refer to this as the passive thermal sensor level detection building block Automated software detection

Foundations for Security Aware Software Development Education

National Research Council Canada - National Science Library

McDonald, Jeffrey T

2005-01-01

.... In this paper, we show how rigorous coding techniques should be woven into the fabric of computer science curriculum and ultimately should be distinguished from requirements-driven security techniques...

Cyber Security Awareness and Its Impact on Employee’s Behavior

OpenAIRE

Li, Ling; Xu, Li; He, Wu; Chen, Yong; Chen, Hong

2016-01-01

Part 3: Security and Privacy Issues; International audience; This paper proposes a model that extends the Protection Motivation Theory to validate the relationships among peer behavior, cue to action, and employees’ action experience of cyber security, threat perception, response perception, and employee’s cyber security behavior. The findings of the study suggest that the influence from peer behavior and employees action experience of cyber security is an important factor for improving cyber...

Security of fissile materials in Russia

International Nuclear Information System (INIS)

Bukharin, O.

1996-01-01

The problem of security of huge stocks of weapons-usable highly enriched uranium and plutonium in Russia against theft or diversion remains a serious nonproliferation concern. During the Cold War, the security of Soviet nuclear materials was based on centralization and discipline, protection by the military, and intrusive political oversight of the people. The recent fundamental societal changes have rendered these arrangements inadequate, and the security of nuclear materials has decreased. Safeguarding nuclear materials in Russia is particularly difficult because of their very large inventories and the size and complexity of the nation's nuclear infrastructure. Russia needs a reliable and more objective technology-based system of nuclear safeguards designed to control nuclear materials. The Russian government and the international community are working towards this goal

Network Security Hacks Tips & Tools for Protecting Your Privacy

CERN Document Server

Lockhart, Andrew

2009-01-01

This second edition of Network Security Hacks offers 125 concise and practical hacks, including more information for Windows administrators, hacks for wireless networking (such as setting up a captive portal and securing against rogue hotspots), and techniques to ensure privacy and anonymity, including ways to evade network traffic analysis, encrypt email and files, and protect against phishing attacks. System administrators looking for reliable answers will also find concise examples of applied encryption, intrusion detection, logging, trending, and incident response.

Intrusive trauma memory: A review and functional analysis

NARCIS (Netherlands)

Krans, J.; Näring, G.W.B.; Becker, E.S.; Holmes, E.A.

2009-01-01

Our contribution to this special issue focuses on the phenomenon of intrusive trauma memory. While intrusive trauma memories can undoubtedly cause impairment, we argue that they may exist for a potentially adaptive reason. Theory and experimental research on intrusion development are reviewed and

Evaluation of a Cyber Security System for Hospital Network.

Science.gov (United States)

Faysel, Mohammad A

2015-01-01

Most of the cyber security systems use simulated data in evaluating their detection capabilities. The proposed cyber security system utilizes real hospital network connections. It uses a probabilistic data mining algorithm to detect anomalous events and takes appropriate response in real-time. On an evaluation using real-world hospital network data consisting of incoming network connections collected for a 24-hour period, the proposed system detected 15 unusual connections which were undetected by a commercial intrusion prevention system for the same network connections. Evaluation of the proposed system shows a potential to secure protected patient health information on a hospital network.

Object Classification based Context Management for Identity Management in Internet of Things

DEFF Research Database (Denmark)

Mahalle, Parikshit N.; Prasad, Neeli R.; Prasad, Ramjee

2013-01-01

As computing technology is becoming more tightly coupled into dynamic and mobile world of the Internet of Things (IoT), security mechanism is more stringent, flexible and less intrusive. Scalability issue in IoT makes identity management (IdM) of ubiquitous objects more challenging, and there is ......As computing technology is becoming more tightly coupled into dynamic and mobile world of the Internet of Things (IoT), security mechanism is more stringent, flexible and less intrusive. Scalability issue in IoT makes identity management (IdM) of ubiquitous objects more challenging......, and there is a need of context-aware access control solution for IdM. Confronting uncertainty of different types of objects in IoT is not easy. This paper presents the logical framework for object classification in context aware IoT, as richer contextual information creates an impact on the access control. This paper...

Autonomous Rule Creation for Intrusion Detection

Energy Technology Data Exchange (ETDEWEB)

Todd Vollmer; Jim Alves-Foss; Milos Manic

2011-04-01

Many computational intelligence techniques for anomaly based network intrusion detection can be found in literature. Translating a newly discovered intrusion recognition criteria into a distributable rule can be a human intensive effort. This paper explores a multi-modal genetic algorithm solution for autonomous rule creation. This algorithm focuses on the process of creating rules once an intrusion has been identified, rather than the evolution of rules to provide a solution for intrusion detection. The algorithm was demonstrated on anomalous ICMP network packets (input) and Snort rules (output of the algorithm). Output rules were sorted according to a fitness value and any duplicates were removed. The experimental results on ten test cases demonstrated a 100 percent rule alert rate. Out of 33,804 test packets 3 produced false positives. Each test case produced a minimum of three rule variations that could be used as candidates for a production system.

AWARE-P: a system-based software for urban water IAM planning

OpenAIRE

Coelho, S.T.; Vitorino, D.; Alegre, H.

2013-01-01

The AWARE-P IAM planning software offers a non-intrusive, web-based, collaborative integration environment for a wide variety of data and processes that may be relevant to the IAM decision-making process, including maps, GIS shapefiles and geodatabases; inventory records; work orders, maintenance, inspections/CCTV records; network models, performance indicators, asset valuation records, among others. The software provides an organized framework for evaluating and comparing planning alternativ...

Rapid laccolith intrusion driven by explosive volcanic eruption.

Science.gov (United States)

Castro, Jonathan M; Cordonnier, Benoit; Schipper, C Ian; Tuffen, Hugh; Baumann, Tobias S; Feisel, Yves

2016-11-23

Magmatic intrusions and volcanic eruptions are intimately related phenomena. Shallow magma intrusion builds subsurface reservoirs that are drained by volcanic eruptions. Thus, the long-held view is that intrusions must precede and feed eruptions. Here we show that explosive eruptions can also cause magma intrusion. We provide an account of a rapidly emplaced laccolith during the 2011 rhyolite eruption of Cordón Caulle, Chile. Remote sensing indicates that an intrusion began after eruption onset and caused severe (>200 m) uplift over 1 month. Digital terrain models resolve a laccolith-shaped body ∼0.8 km 3 . Deformation and conduit flow models indicate laccolith depths of only ∼20-200 m and overpressures (∼1-10 MPa) that likely stemmed from conduit blockage. Our results show that explosive eruptions may rapidly force significant quantities of magma in the crust to build laccoliths. These iconic intrusions can thus be interpreted as eruptive features that pose unique and previously unrecognized volcanic hazards.

Nuclear safeguards and security: we can do better.

Energy Technology Data Exchange (ETDEWEB)

Johnston, R. G. (Roger G.); Warner, Jon S.; Garcia, A. R. E. (Anthony R. E.); Martinez, R. K. (Ronald K.); Lopez, L. N. (Leon N.); Pacheco, A. N. (Adam N.); Trujillo, S. J. (Sonia J.); Herrera, A. M. (Alicia M.); Bitzer, E. G. (Edward G.), III

2005-01-01

There are a number of practical ways to significantly improve nuclear safeguards and security. These include recognizing and minimizing the insider threat; using adversarial vulnerability assessments to find vulnerabilities and countermeasures; fully appreciating the disparate nature of domestic and international nuclear safeguards; improving tamper detection and tamper-indicating seals; not confusing the inventory and security functions; and recognizing the limitations of GPS tracking, contact memory buttons, and RFID tags. The efficacy of nuclear safeguards depends critically on employing sophisticated security strategies and effective monitoring hardware. The Vulnerability Assessment Team (VAT) at Los Alamos National Laboratory has extensively researched issues associated with nuclear safeguards, especially in the areas of tamper/intrusion detection, transport security, and vulnerability assessments. This paper discusses some of our findings, recommendations, and warnings.

The Remote Security Station (RSS) final report

International Nuclear Information System (INIS)

Pletta, J.B.; Amai, W.A.; Klarer, P.; Frank, D.; Carlson, J.; Byrne, R.

1992-10-01

The Remote Security Station (RSS) was developed by Sandia National Laboratories for the Defense Nuclear Agency to investigate issues pertaining to robotics and sensor fusion in physical security systems. This final report documents the status of the RSS program at its completion in April 1992. The RSS system consists of the Man Portable Security Station (MaPSS) and the Telemanaged Mobile Security Station (TMSS), which are integrated by the Operator's Control Unit (OCU) into a flexible exterior perimeter security system. The RSS system uses optical, infrared, microwave, and acoustic intrusion detection sensors in conjunction with sensor fusion techniques to increase the probability of detection and to decrease the nuisance alarm rate of the system. Major improvements to the system developed during the final year are an autonomous patrol capability, which allows TMSS to execute security patrols with limited operator interaction, and a neural network approach to sensor fusion, which significantly improves the system's ability to filter out nuisance alarms due to adverse weather conditions

A Multiagent-based Intrusion Detection System with the Support of Multi-Class Supervised Classification

Science.gov (United States)

Shyu, Mei-Ling; Sainani, Varsha

The increasing number of network security related incidents have made it necessary for the organizations to actively protect their sensitive data with network intrusion detection systems (IDSs). IDSs are expected to analyze a large volume of data while not placing a significantly added load on the monitoring systems and networks. This requires good data mining strategies which take less time and give accurate results. In this study, a novel data mining assisted multiagent-based intrusion detection system (DMAS-IDS) is proposed, particularly with the support of multiclass supervised classification. These agents can detect and take predefined actions against malicious activities, and data mining techniques can help detect them. Our proposed DMAS-IDS shows superior performance compared to central sniffing IDS techniques, and saves network resources compared to other distributed IDS with mobile agents that activate too many sniffers causing bottlenecks in the network. This is one of the major motivations to use a distributed model based on multiagent platform along with a supervised classification technique.

Information Security and Integrity Systems

Science.gov (United States)

1990-01-01

Viewgraphs from the Information Security and Integrity Systems seminar held at the University of Houston-Clear Lake on May 15-16, 1990 are presented. A tutorial on computer security is presented. The goals of this tutorial are the following: to review security requirements imposed by government and by common sense; to examine risk analysis methods to help keep sight of forest while in trees; to discuss the current hot topic of viruses (which will stay hot); to examine network security, now and in the next year to 30 years; to give a brief overview of encryption; to review protection methods in operating systems; to review database security problems; to review the Trusted Computer System Evaluation Criteria (Orange Book); to comment on formal verification methods; to consider new approaches (like intrusion detection and biometrics); to review the old, low tech, and still good solutions; and to give pointers to the literature and to where to get help. Other topics covered include security in software applications and development; risk management; trust: formal methods and associated techniques; secure distributed operating system and verification; trusted Ada; a conceptual model for supporting a B3+ dynamic multilevel security and integrity in the Ada runtime environment; and information intelligence sciences.

Use Trust Management Framework to Achieve Effective Security Mechanisms in Cloud Environment

Directory of Open Access Journals (Sweden)

Hicham Toumi

2017-03-01

Full Text Available Cloud Computing is an Internet based Computing where virtual shared servers provide software, infrastructure, platform and other resources to the customer on pay-as-you-use basis. Cloud Computing is increasingly becoming popular as many enterprise applications and data are moving into cloud platforms. However, with the enormous use of Cloud, the probability of occurring intrusion also increases. There is a major need of bringing security, transparency and reliability in cloud model for client satisfaction. One of the security issues is how to reduce the impact of any type of intrusion in this environment. To address this issue, a security solution is proposed in this paper. We provide a collaborative framework between our Hybrid Intrusion Detection System (Hy-IDS based on Mobile Agents and virtual firewalls. Therefore, our hybrid intrusion detection system consists of three types of IDS namely IDS-C, IDS-Cr and IDS-M, which are dispatched over three layer of cloud computing. In the first layer, we use IDS-C over our framework to collect, analyze and detect malicious data using Mobile Agents. In case of attack, we collect at the level of the second layer all the malicious data detected in the first layer for the generation of new signatures using IDS-Cr, which is based on a Signature Generation Algorithm (SGA and network intrusion detection system (NIDS. Finally, through an IDS-M placed in the third layer, the new signatures will be used to update the database NIDS belonging to IDS-Cr, then the database to NIDS belonging of IDS-Cr the cluster neighboring and also their IDS-C. Hardware firewall is unable to control communication between virtual machines on the same hypervisor. Moreover, they are blind to virtual traffic. Mostly, they are deployed at Virtual Machine Monitor- level (VMM under Cloud provider’s control. Equally, the mobile agents play an important role in this collaboration. They are used in our framework for investigation of hosts

Finding Security Patterns to Countermeasure Software Vulnerabilities

OpenAIRE

Borstad, Ole Gunnar

2008-01-01

Software security is an increasingly important part of software development as the risk from attackers is constantly evolving through increased exposure, threats and economic impact of security breaches. Emerging security literature describes expert knowledge such as secure development best practices. This knowledge is often not applied by software developers because they lack security awareness, security training and secure development methods and tools. Existing methods and tools require to...

Young women's experiences of intrusive behavior in 12 countries.

Science.gov (United States)

Sheridan, Lorraine; Scott, Adrian J; Roberts, Karl

2016-01-01

The present study provides international comparisons of young women's (N = 1,734) self-reported experiences of intrusive activities enacted by men. Undergraduate psychology students from 12 countries (Armenia, Australia, England, Egypt, Finland, India, Indonesia, Italy, Japan, Portugal, Scotland, and Trinidad) indicated which of 47 intrusive activities they had personally experienced. Intrusive behavior was not uncommon overall, although large differences were apparent between countries when women's personal experiences of specific intrusive activities were compared. Correlations were carried out between self-reported intrusive experiences, the Gender Empowerment Measure (GEM), and Hofstede's dimensions of national cultures. The primary associations were between women's experiences of intrusive behavior and the level of power they are afforded within the 12 countries. Women from countries with higher GEM scores reported experiencing more intrusive activities relating to courtship and requests for sex, while the experiences of women from countries with lower GEM scores related more to monitoring and ownership. Intrusive activities, many of them constituent of harassment and stalking, would appear to be widespread and universal, and their incidence and particular form reflect national level gender inequalities. © 2015 Wiley Periodicals, Inc.

Security systems engineering overview

Science.gov (United States)

Steele, Basil J.

1997-01-01

Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at 70 billion dollars in direct costs and up to 300 billion dollars in indirect costs. Health insurance fraud alone is estimated to cost American businesses 100 billion dollars. Theft, warranty fraud, and counterfeiting of computer hardware totaled 3 billion dollars in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies; industrial espionage detection and prevention; security barrier technology.

Towards effective and robust list-based packet filter for signature-based network intrusion detection: an engineering approach

DEFF Research Database (Denmark)

Meng, Weizhi; Li, Wenjuan; Kwok, Lam For

2017-01-01

Network intrusion detection systems (NIDSs) which aim to identify various attacks, have become an essential part of current security infrastructure. In particular, signature-based NIDSs are being widely implemented in industry due to their low rate of false alarms. However, the signature matching...... this problem, packet filtration is a promising solution to reduce unwanted traffic. Motivated by this, in this work, a list-based packet filter was designed and an engineering method of combining both blacklist and whitelist techniques was introduced. To further secure such filters against IP spoofing attacks...... in traffic filtration as well as workload reduction, and is robust against IP spoofing attacks....

Enhancing collaborative intrusion detection networks against insider attacks using supervised intrusion sensitivity-based trust management model

DEFF Research Database (Denmark)

Li, Wenjuan; Meng, Weizhi; Kwok, Lam-For

2017-01-01

To defend against complex attacks, collaborative intrusion detection networks (CIDNs) have been developed to enhance the detection accuracy, which enable an IDS to collect information and learn experience from others. However, this kind of networks is vulnerable to malicious nodes which are utili......To defend against complex attacks, collaborative intrusion detection networks (CIDNs) have been developed to enhance the detection accuracy, which enable an IDS to collect information and learn experience from others. However, this kind of networks is vulnerable to malicious nodes which...... are utilized by insider attacks (e.g., betrayal attacks). In our previous research, we developed a notion of intrusion sensitivity and identified that it can help improve the detection of insider attacks, whereas it is still a challenge for these nodes to automatically assign the values. In this article, we...... of intrusion sensitivity based on expert knowledge. In the evaluation, we compare the performance of three different supervised classifiers in assigning sensitivity values and investigate our trust model under different attack scenarios and in a real wireless sensor network. Experimental results indicate...

Intrusion scenarios in fusion waste disposal sites

International Nuclear Information System (INIS)

Zucchetti, M.; Zucchetti, M.; Rocco, P.

1998-01-01

Results of analyses on human intrusions into repositories of fusion radioactive waste are presented. The main topics are: duration of the institutional control, occurrence of intrusion, intrusion scenarios, acceptable risk limits and probabilistic data. Application to fusion waste repositories is implemented with a computational model: wells drilling is considered as the possible scenario. Doses and risks to intruder for different SEAFP-2 cases turn out to be very small. No intervention to reduce the hazard is necessary. (authors)

Intrusion scenarios in fusion waste disposal sites

Energy Technology Data Exchange (ETDEWEB)

Zucchetti, M. [European Commission, JRC, Institute for Advanced Material, Ispra, Vatican City State, Holy See (Italy); Zucchetti, M.; Rocco, P. [Energetics Dept., Polytechnic of Turin (Italy)

1998-07-01

Results of analyses on human intrusions into repositories of fusion radioactive waste are presented. The main topics are: duration of the institutional control, occurrence of intrusion, intrusion scenarios, acceptable risk limits and probabilistic data. Application to fusion waste repositories is implemented with a computational model: wells drilling is considered as the possible scenario. Doses and risks to intruder for different SEAFP-2 cases turn out to be very small. No intervention to reduce the hazard is necessary. (authors)

Border Security: A Conceptual Model of Complexity

Science.gov (United States)

2013-12-01

law , constitutional powers, environmental regulations, and civil rights, http://tpplegal.files.wordpress.com/2012/05/isds-domestic-legal-process...Violation NAFTA North American Free Trade Agreement NII Non-Intrusive Inspection POE Port of Entry PPD-8 Presidential Policy Directive 8...security measured? What constitutes a measure of effectiveness for protection? These are all questions presented to representatives of the Department of

Research on IPv6 intrusion detection system Snort-based

Science.gov (United States)

Shen, Zihao; Wang, Hui

2010-07-01

This paper introduces the common intrusion detection technologies, discusses the work flow of Snort intrusion detection system, and analyzes IPv6 data packet encapsulation and protocol decoding technology. We propose the expanding Snort architecture to support IPv6 intrusion detection in accordance with CIDF standard combined with protocol analysis technology and pattern matching technology, and present its composition. The research indicates that the expanding Snort system can effectively detect various intrusion attacks; it is high in detection efficiency and detection accuracy and reduces false alarm and omission report, which effectively solves the problem of IPv6 intrusion detection.

The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware

Energy Technology Data Exchange (ETDEWEB)

Tierney, Brian L; Vallentin, Matthias; Sommer, Robin; Lee, Jason; Leres, Craig; Paxson, Vern; Tierney, Brian

2007-09-19

In this work we present a NIDS cluster as a scalable solution for realizing high-performance, stateful network intrusion detection on commodity hardware. The design addresses three challenges: (i) distributing traffic evenly across an extensible set of analysis nodes in a fashion that minimizes the communication required for coordination, (ii) adapting the NIDS's operation to support coordinating its low-level analysis rather than just aggregating alerts; and (iii) validating that the cluster produces sound results. Prototypes of our NIDS cluster now operate at the Lawrence Berkeley National Laboratory and the University of California at Berkeley. In both environments the clusters greatly enhance the power of the network security monitoring.

TOWARD HIGHLY SECURE AND AUTONOMIC COMPUTING SYSTEMS: A HIERARCHICAL APPROACH

Energy Technology Data Exchange (ETDEWEB)

Lee, Hsien-Hsin S

2010-05-11

The overall objective of this research project is to develop novel architectural techniques as well as system software to achieve a highly secure and intrusion-tolerant computing system. Such system will be autonomous, self-adapting, introspective, with self-healing capability under the circumstances of improper operations, abnormal workloads, and malicious attacks. The scope of this research includes: (1) System-wide, unified introspection techniques for autonomic systems, (2) Secure information-flow microarchitecture, (3) Memory-centric security architecture, (4) Authentication control and its implication to security, (5) Digital right management, (5) Microarchitectural denial-of-service attacks on shared resources. During the period of the project, we developed several architectural techniques and system software for achieving a robust, secure, and reliable computing system toward our goal.

Intrusion Prevention and Detection in Grid Computing - The ALICE Case

Science.gov (United States)

Gomez, Andres; Lara, Camilo; Kebschull, Udo

2015-12-01

Grids allow users flexible on-demand usage of computing resources through remote communication networks. A remarkable example of a Grid in High Energy Physics (HEP) research is used in the ALICE experiment at European Organization for Nuclear Research CERN. Physicists can submit jobs used to process the huge amount of particle collision data produced by the Large Hadron Collider (LHC). Grids face complex security challenges. They are interesting targets for attackers seeking for huge computational resources. Since users can execute arbitrary code in the worker nodes on the Grid sites, special care should be put in this environment. Automatic tools to harden and monitor this scenario are required. Currently, there is no integrated solution for such requirement. This paper describes a new security framework to allow execution of job payloads in a sandboxed context. It also allows process behavior monitoring to detect intrusions, even when new attack methods or zero day vulnerabilities are exploited, by a Machine Learning approach. We plan to implement the proposed framework as a software prototype that will be tested as a component of the ALICE Grid middleware.

Intrusion Prevention and Detection in Grid Computing - The ALICE Case

International Nuclear Information System (INIS)

Gomez, Andres; Lara, Camilo; Kebschull, Udo

2015-01-01

Grids allow users flexible on-demand usage of computing resources through remote communication networks. A remarkable example of a Grid in High Energy Physics (HEP) research is used in the ALICE experiment at European Organization for Nuclear Research CERN. Physicists can submit jobs used to process the huge amount of particle collision data produced by the Large Hadron Collider (LHC). Grids face complex security challenges. They are interesting targets for attackers seeking for huge computational resources. Since users can execute arbitrary code in the worker nodes on the Grid sites, special care should be put in this environment. Automatic tools to harden and monitor this scenario are required. Currently, there is no integrated solution for such requirement. This paper describes a new security framework to allow execution of job payloads in a sandboxed context. It also allows process behavior monitoring to detect intrusions, even when new attack methods or zero day vulnerabilities are exploited, by a Machine Learning approach. We plan to implement the proposed framework as a software prototype that will be tested as a component of the ALICE Grid middleware. (paper)

Intrusive Memories of Distressing Information: An fMRI Study.

Directory of Open Access Journals (Sweden)

Eva Battaglini

Full Text Available Although intrusive memories are characteristic of many psychological disorders, the neurobiological underpinning of these involuntary recollections are largely unknown. In this study we used functional magentic resonance imaging (fMRI to identify the neural networks associated with encoding of negative stimuli that are subsequently experienced as intrusive memories. Healthy partipants (N = 42 viewed negative and neutral images during a visual/verbal processing task in an fMRI context. Two days later they were assessed on the Impact of Event Scale for occurrence of intrusive memories of the encoded images. A sub-group of participants who reported significant intrusions (n = 13 demonstrated stronger activation in the amygdala, bilateral ACC and parahippocampal gyrus during verbal encoding relative to a group who reported no intrusions (n = 13. Within-group analyses also revealed that the high intrusion group showed greater activity in the dorsomedial (dmPFC and dorsolateral prefrontal cortex (dlPFC, inferior frontal gyrus and occipital regions during negative verbal processing compared to neutral verbal processing. These results do not accord with models of intrusions that emphasise visual processing of information at encoding but are consistent with models that highlight the role of inhibitory and suppression processes in the formation of subsequent intrusive memories.

Security-aware design for cyber-physical systems a platform-based approach

CERN Document Server

Lin, Chung-Wei

2017-01-01

Addressing the rising security issues during the design stages of cyber-physical systems, this book develops a systematic approach to address security at early design stages together with all other design constraints. Cyber-attacks become more threatening as systems are becoming more connected with the surrounding environment, infrastructures, and other systems. Security mechanisms can be designed to protect against attacks and meet security requirements, but there are many challenges of applying security mechanisms to cyber-physical systems including open environments, limited resources, strict timing requirements, and large number of devices. Designed for researchers and professionals, this book is valuable for individuals working in network systems, security mechanisms, and system design. It is also suitable for advanced-level students of computer science. .

Cooperative Monitoring Center Occasional Paper/8: Cooperative Border Security for Jordan: Assessment and Options

Energy Technology Data Exchange (ETDEWEB)

Qojas, M.

1999-03-01

This document is an analysis of options for unilateral and cooperative action to improve the security of Jordan's borders. Sections describe the current political, economic, and social interactions along Jordan's borders. Next, the document discusses border security strategy for cooperation among neighboring countries and the adoption of confidence-building measures. A practical cooperative monitoring system would consist of hardware for early warning, command and control, communications, and transportation. Technical solutions can expand opportunities for the detection and identification of intruders. Sensors (such as seismic, break-wire, pressure-sensing, etc.) can warn border security forces of intrusion and contribute to the identification of the intrusion and help formulate the response. This document describes conceptual options for cooperation, offering three scenarios that relate to three hypothetical levels (low, medium, and high) of cooperation. Potential cooperative efforts under a low cooperation scenario could include information exchanges on military equipment and schedules to prevent misunderstandings and the establishment of protocols for handling emergency situations or unusual circumstances. Measures under a medium cooperation scenario could include establishing joint monitoring groups for better communications, with hot lines and scheduled meetings. The high cooperation scenario describes coordinated responses, joint border patrols, and sharing border intrusion information. Finally, the document lists recommendations for organizational, technical, and operational initiatives that could be applicable to the current situation.

MOBILE DEVICES AND EFFECTIVE INFORMATION SECURITY

Directory of Open Access Journals (Sweden)

Igor Bernik

2013-05-01

Full Text Available Rapidly increasing numbers of sophisticated mobile devices (smart phones, tab computers, etc. all over the world mean that ensuring information security will only become a more pronounced problem for individuals and organizations. It’s important to effectively protect data stored on or accessed by mobile devices, and also during transmission of data between devices and between device and information system. Technological and other trends show, that the cyber threats are also rapidly developing and spreading. It's crucial to educate users about safe usage and to increase their awareness of security issues. Ideally, users should keep-up with technological trends and be well equipped with knowledge otherwise mobile technology will significantly increase security risks. Most important is that we start educating youth so that our next generations of employees will be part of a culture of data and information security awareness.

Security option file - After closure (DOS-AF)

International Nuclear Information System (INIS)

2016-01-01

A first volume presents the context and scope of the Cigeo project, and the scope of this document. It proposes a general presentation of Cigeo, the regulatory framework and standards. It describes the different aspects and components of the security strategy: principles, security functions after closure, objectives of protection, global approach. It proposes a security assessment: objectives, consistency with international practices, assessment steps, scenarios, scenario quantitative assessment. The next part addresses security management. The second volume contains a description of the storage system: site characteristics, types of stored parcels, the future of the installation after its closure. The third volume proposes a security assessment. It addresses the management of risks and uncertainties, describes a scenario of normal evolution and also scenarios of altered evolutions, scenarios of unintentional human intrusion, and what-if type scenarios. The fourth volume reports lessons at the current stage of the project, and gives an overview of important activities from storage design to storage closure

Intrusion Prevention System Based on the Aççess Control Mechanism in the Operating System Miçrosoft Windows

Directory of Open Access Journals (Sweden)

V. S. Matveeva

2012-03-01

Full Text Available It is suggested to implement an intrusion prevention system based on the access control mechanism of Microsoft Windows operating system to restrict the execution of malicious code. Most of the existing computer security facilities use behavioral and heuristic analyses based on an undocumented method of system calls interception that is not an uniform approach in designing of proactive security mechanism. The IPS is portable among different versions of the OS because it is implemented with documented functions only, it does not need to be updated and uses less system resources in comparison with another protection systems. The system protects from zero-day malware and therefore prevents companies from online-banking fraud that is a very actual problem of information security nowadays.

Hybrid-secure MPC 

DEFF Research Database (Denmark)

Lucas, Christoph; Raub, Dominik; Maurer, Ueli

2010-01-01

of the adversary, without being aware of the actual adversarial setting. Thus, hybrid-secure MPC protocols allow for graceful degradation of security. We present a hybrid-secure MPC protocol that provides an optimal trade-off between IT robustness and computational privacy: For any robustness parameter ρ ... obtain one MPC protocol that is simultaneously IT secure with robustness for up to t ≤ ρ actively corrupted parties, IT secure with fairness (no robustness) for up to t ... in the universal composability (UC) framework (based on a network of secure channels, a broadcast channel, and a common reference string). It achieves the bound on the trade-off between robustness and privacy shown by Ishai et al. [CRYPTO'06] and Katz [STOC'07], the bound on fairness shown by Cleve [STOC'86...

A Targeted Attack For Enhancing Resiliency of Intelligent Intrusion Detection Modules in Energy Cyber Physical Systems

Energy Technology Data Exchange (ETDEWEB)

Youssef, Tarek [Florida Intl Univ., Miami, FL (United States); El Hariri, Mohammad [Florida Intl Univ., Miami, FL (United States); Habib, Hani [Florida Intl Univ., Miami, FL (United States); Mohammed, Osama [Florida Intl Univ., Miami, FL (United States); Harmon, E [Florida Intl Univ., Miami, FL (United States)

2017-02-28

Abstract— Secure high-speed communication is required to ensure proper operation of complex power grid systems and prevent malicious tampering activities. In this paper, artificial neural networks with temporal dependency are introduced for false data identification and mitigation for broadcasted IEC 61850 SMV messages. The fast responses of such intelligent modules in intrusion detection make them suitable for time- critical applications, such as protection. However, care must be taken in selecting the appropriate intelligence model and decision criteria. As such, this paper presents a customizable malware script to sniff and manipulate SMV messages and demonstrates the ability of the malware to trigger false positives in the neural network’s response. The malware developed is intended to be as a vaccine to harden the intrusion detection system against data manipulation attacks by enhancing the neural network’s ability to learn and adapt to these attacks.

Salt water intrusion on Uznam Island - 'Wydrzany' water intake

International Nuclear Information System (INIS)

Kochaniec, M.

1999-01-01

Aquifers of Uznam Island have high risk of saline water intrusion due to geographical and geological location. Hydrogeological and geophysical researchers were taken up in order to evaluate changes in intrusion of saline water into aquifer of Uznam Island. Water intake named 'Wydrzany' was built in south part of island in 1973. Since 1975 geophysical research has shown intrusion of salt water from reservoirs and bedrock due to withdrawn of water. In 1997 geoelectrical researches evaluated changes which have taken place since 1975 in saline water intrusion into aquifers of Uznam Island. The last research result showed that intrusion front moved 1100 m to the centre of island in comparison with situation in 1975. (author)

Human intrusion: issues concerning its assessment

International Nuclear Information System (INIS)

Grimwood, P.D.; Smith, G.M.

1989-01-01

The potential significance of human intrusion in the performance assessment of radioactive waste repositories has been increasingly recognized in recent years. It is however an area of assessment in which subjective judgments dominate. This paper identifies some of the issues involved. These include regulatory criteria, scenario development, probability assignment, consequence assessment and measures to mitigate human intrusion

INL Control System Situational Awareness Technology Annual Report 2012

Energy Technology Data Exchange (ETDEWEB)

Gordon Rueff; Bryce Wheeler; Todd Vollmer; Tim McJunkin; Robert Erbes

2012-10-01

The overall goal of this project is to develop an interoperable set of tools to provide a comprehensive, consistent implementation of cyber security and overall situational awareness of control and sensor network implementations. The operation and interoperability of these tools will fill voids in current technological offerings and address issues that remain an impediment to the security of control systems. This report provides an FY 2012 update on the Sophia, Mesh Mapper, Intelligent Cyber Sensor, and Data Fusion projects with respect to the year-two tasks and annual reporting requirements of the INL Control System Situational Awareness Technology report (July 2010).

Computer network security and cyber ethics

CERN Document Server

Kizza, Joseph Migga

2014-01-01

In its 4th edition, this book remains focused on increasing public awareness of the nature and motives of cyber vandalism and cybercriminals, the weaknesses inherent in cyberspace infrastructure, and the means available to protect ourselves and our society. This new edition aims to integrate security education and awareness with discussions of morality and ethics. The reader will gain an understanding of how the security of information in general and of computer networks in particular, on which our national critical infrastructure and, indeed, our lives depend, is based squarely on the individ

Magmatic intrusions in the lunar crust

Science.gov (United States)

Michaut, C.; Thorey, C.

2015-10-01

The lunar highlands are very old, with ages covering a timespan between 4.5 to 4.2 Gyr, and probably formed by flotation of light plagioclase minerals on top of the lunar magma ocean. The lunar crust provides thus an invaluable evidence of the geological and magmatic processes occurring in the first times of the terrestrial planets history. According to the last estimates from the GRAIL mission, the lunar primary crust is particularly light and relatively thick [1] This low-density crust acted as a barrier for the dense primary mantle melts. This is particularly evident in the fact that subsequent mare basalts erupted primarily within large impact basin: at least part of the crust must have been removed for the magma to reach the surface. However, the trajectory of the magma from the mantle to the surface is unknown. Using a model of magma emplacement below an elastic overlying layer with a flexural wavelength Λ, we characterize the surface deformations induced by the presence of shallow magmatic intrusions. We demonstrate that, depending on its size, the intrusion can show two different shapes: a bell shape when its radius is smaller than 4 times Λ or a flat top with small bended edges if its radius is larger than 4 times Λ[2]. These characteristic shapes for the intrusion result in characteristic deformations at the surface that also depend on the topography of the layer overlying the intrusion [3].Using this model we provide evidence of the presence of intrusions within the crust of the Moon as surface deformations in the form of low-slope lunar domes and floor-fractured craters. All these geological features have morphologies consistent with models of magma spreading at depth and deforming an overlying elastic layer. Further more,at floor-fractured craters, the deformation is contained within the crater interior, suggesting that the overpressure at the origin of magma ascent and intrusion was less than the pressure due to the weight of the crust removed by

Corticostriatal circuitry in regulating diseases characterized by intrusive thinking.

Science.gov (United States)

Kalivas, Benjamin C; Kalivas, Peter W

2016-03-01

Intrusive thinking triggers clinical symptoms in many neuropsychiatric disorders. Using drug addiction as an exemplar disorder sustained in part by intrusive thinking, we explore studies demonstrating that impairments in corticostriatal circuitry strongly contribute to intrusive thinking. Neuroimaging studies have long implicated this projection in cue-induced craving to use drugs, and preclinical models show that marked changes are produced at corticostriatal synapses in the nucleus accumbens during a relapse episode. We delineate an accumbens microcircuit that mediates cue-induced drug seeking becoming an intrusive event. This microcircuit harbors many potential therapeutic targets. We focus on preclinical and clinical studies, showing that administering N-acetylcysteine restores uptake of synaptic glutamate by astroglial glutamate transporters and thereby inhibits intrusive thinking. We posit that because intrusive thinking is a shared endophenotype in many disorders, N-acetylcysteine has positive effects in clinical trials for a variety of neuropsychiatric disorders, including drug addiction, gambling, trichotillomania, and depression.

Adaptive intrusion data system

International Nuclear Information System (INIS)

Johnson, C.S.

1976-01-01

An Adaptive Intrusion Data System (AIDS) was developed to collect data from intrusion alarm sensors as part of an evaluation system to improve sensor performance. AIDS is a unique digital data compression, storage, and formatting system. It also incorporates capability for video selection and recording for assessment of the sensors monitored by the system. The system is software reprogrammable to numerous configurations that may be utilized for the collection of environmental, bi-level, analog and video data. The output of the system is digital tapes formatted for direct data reduction on a CDC 6400 computer, and video tapes containing timed tagged information that can be correlated with the digital data

MUSES RT2AE V P/DP: On the Road to Privacy-Friendly Security Technologies in the Workplace

OpenAIRE

Van Der Sype, Yung Shin Marleen; Guislain, Jonathan; Seigneur, Jean-Marc; Titi, Xavier

2016-01-01

Successful protection of company data assets requires strong technological support. As many security incidents still occur from within, security technologies often include elements to monitor the behaviour of employees. As those security systems are considered as privacy-intrusive, they are hard to align with the privacy and data protection rights of the employees of the company. Even though there is currently no legal obligation for developers to embed privacy and data protection in security...

Development of a self-navigating mobile interior robot application as a security guard/sentry

International Nuclear Information System (INIS)

Klarer, P.R.; Harrington, J.J.

1986-07-01

This paper describes a mobile robot system designed to function as part of an overall security system at a high security facility. The features of this robot system include specialized software and sensors for navigation without the need for external locator beacons or signposts, sensors for remote imaging and intruder detection, and the ability to communicate information either directly to the electronic portion of the security system or to a manned central control center. Other desirable features of the robot system include low weight, compact size, and low power consumption. The robot system can be operated either by remote manual control, or it can operate autonomously where direct human control can be limited to the global command level. The robot can act as a mobile remote sensing platform for alarm assessment or roving patrol, as a point sensor (sentry) in routine security applications, or as an exploratory device in situations potentially hazardous to humans. This robot system may also be used to ''walk-test'' intrusion detection sensors as part of a routine test and maintenance program for an interior intrusion detection system. The hardware, software, and operation of this robot system will be briefly described herein

Software Security and the "Building Security in Maturity" Model

CERN Document Server

CERN. Geneva

2011-01-01

Using the framework described in my book "Software Security: Building Security In" I will discuss and describe the state of the practice in software security. This talk is peppered with real data from the field, based on my work with several large companies as a Cigital consultant. As a discipline, software security has made great progress over the last decade. Of the sixty large-scale software security initiatives we are aware of, thirty-two---all household names---are currently included in the BSIMM study. Those companies among the thirty-two who graciously agreed to be identified include: Adobe, Aon, Bank of America, Capital One, The Depository Trust & Clearing Corporation (DTCC), EMC, Google, Intel, Intuit, McKesson, Microsoft, Nokia, QUALCOMM, Sallie Mae, Standard Life, SWIFT, Symantec, Telecom Italia, Thomson Reuters, VMware, and Wells Fargo. The BSIMM was created by observing and analyzing real-world data from thirty-two leading software security initiatives. The BSIMM can...

Idaho National Laboratory Supervisory Control and Data Acquisition Intrusion Detection System (SCADA IDS)

Energy Technology Data Exchange (ETDEWEB)

Jared Verba; Michael Milvich

2008-05-01

Current Intrusion Detection System (IDS) technology is not suited to be widely deployed inside a Supervisory, Control and Data Acquisition (SCADA) environment. Anomaly- and signature-based IDS technologies have developed methods to cover information technology-based networks activity and protocols effectively. However, these IDS technologies do not include the fine protocol granularity required to ensure network security inside an environment with weak protocols lacking authentication and encryption. By implementing a more specific and more intelligent packet inspection mechanism, tailored traffic flow analysis, and unique packet tampering detection, IDS technology developed specifically for SCADA environments can be deployed with confidence in detecting malicious activity.

Episodic intrusion, internal differentiation, and hydrothermal alteration of the miocene tatoosh intrusive suite south of Mount Rainier, Washington

Science.gov (United States)

du Bray, E.A.; Bacon, C.R.; John, D.A.; Wooden, J.L.; Mazdab, F.K.

2011-01-01

The Miocene Tatoosh intrusive suite south of Mount Rainier is composed of three broadly granodioritic plutons that are manifestations of ancestral Cascades arc magmatism. Tatoosh intrusive suite plutons have individually diagnostic characteristics, including texture, mineralogy, and geochemistry, and apparently lack internal contacts. New ion-microprobe U-Pb zircon ages indicate crystallization of the Stevens pluton ca. 19.2 Ma, Reflection-Pyramid pluton ca. 18.5 Ma, and Nisqually pluton ca. 17.5 Ma. The Stevens pluton includes rare, statistically distinct ca. 20.1 Ma zircon antecrysts. Wide-ranging zircon rare earth element (REE), Hf, U, and Th concentrations suggest late crystallization from variably evolved residual liquids. Zircon Eu/Eu*-Hf covariation is distinct for each of the Reflection-Pyramid, Nisqually, and Stevens plutons. Although most Tatoosh intrusive suite rocks have been affected by weak hydrothermal alteration, and sparse mineralized veins cut some of these rocks, significant base or precious metal mineralization is absent. At the time of shallow emplacement, each of these magma bodies was largely homogeneous in bulk composition and petrographic features, but, prior to final solidification, each of the Tatoosh intrusive suite plutons developed internal compositional variation. Geochemical and petrographic trends within each pluton are most consistent with differential loss of residual melt, possibly represented by late aplite dikes or erupted as rhyolite, from crystal-rich magma. Crystal-rich magma that formed each pluton evidently accumulated in reservoirs below the present level of exposure and then intruded to a shallow depth. Assembled by episodic intrusion, the Tatoosh intrusive suite may be representative of midsized composite plutonic complexes beneath arc volcanoes. ?? 2011 Geological Society of America.

The study and implementation of the wireless network data security model

Science.gov (United States)

Lin, Haifeng

2013-03-01

In recent years, the rapid development of Internet technology and the advent of information age, people are increasing the strong demand for the information products and the market for information technology. Particularly, the network security requirements have become more sophisticated. This paper analyzes the wireless network in the data security vulnerabilities. And a list of wireless networks in the framework is the serious defects with the related problems. It has proposed the virtual private network technology and wireless network security defense structure; and it also given the wireless networks and related network intrusion detection model for the detection strategies.

Evidential reasoning research on intrusion detection

Science.gov (United States)

Wang, Xianpei; Xu, Hua; Zheng, Sheng; Cheng, Anyu

2003-09-01

In this paper, we mainly aim at D-S theory of evidence and the network intrusion detection these two fields. It discusses the method how to apply this probable reasoning as an AI technology to the Intrusion Detection System (IDS). This paper establishes the application model, describes the new mechanism of reasoning and decision-making and analyses how to implement the model based on the synscan activities detection on the network. The results suggest that if only rational probability values were assigned at the beginning, the engine can, according to the rules of evidence combination and hierarchical reasoning, compute the values of belief and finally inform the administrators of the qualities of the traced activities -- intrusions, normal activities or abnormal activities.

PBF: A New Privacy-Aware Billing Framework for Online Electric Vehicles with Bidirectional Auditability

Directory of Open Access Journals (Sweden)

Rasheed Hussain

2017-01-01

Full Text Available Recently an online electric vehicle (OLEV concept has been introduced, where vehicles are propelled by the wirelessly transmitted electrical power from the infrastructure installed under the road while moving. The absence of secure-and-fair billing is one of the main hurdles to widely adopt this promising technology. This paper introduces a new secure and privacy-aware fair billing framework for OLEV on the move through the charging plates installed under the road. We first propose two extreme lightweight mutual authentication mechanisms, a direct authentication and a hash chain-based authentication between vehicles and the charging plates that can be used for different vehicular speeds on the road. Second, we propose a secure and privacy-aware wireless power transfer on move for the vehicles with bidirectional auditability guarantee by leveraging game theoretic approach. Each charging plate transfers a fixed amount of energy to the vehicle and bills the vehicle in a privacy-aware way accordingly. Our protocol guarantees secure, privacy-aware, and fair billing mechanism for the OLEVs while receiving electric power from the infrastructure installed under the road. Moreover, our proposed framework can play a vital role in eliminating the security and privacy challenges in the deployment of power transfer technology to the OLEVs.

New computer security campaign

CERN Multimedia

Alizée Dauvergne

2010-01-01

A new campaign is taking shape to promote computer security. The slogan “SEC_RITY is not complete without U!” reminds users of the importance of their contribution. The campaign kicks off on 10 June with a public awareness day in the Council Chamber.   The new campaign, organised by CERN’s computer security team, will focus on prevention and involving the user. “This is an education and awareness-raising campaign for all users at CERN,” explains Stefan Lueders, in charge of computer security. “Every day, we register thousands of computer attacks against CERN: there are attempts to tamper with web pages, hack into user accounts, take over servers, and much more. A successful attack could mean confidential user information being divulged, services being interrupted or data being lost. It could even affect operations at CERN. Another factor is the damage that a successful attack could inflict on the Organization’s reputation. &...

Applied network security monitoring collection, detection, and analysis

CERN Document Server

Sanders, Chris

2013-01-01

Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach to NSM, complete with dozens of real-world examples that teach you the key concepts of NSM. Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, it is your ability to detect and respond to that intrusion that can be the difference between a small incident and a major di

Nuclear security assessment with Markov model approach

International Nuclear Information System (INIS)

Suzuki, Mitsutoshi; Terao, Norichika

2013-01-01

Nuclear security risk assessment with the Markov model based on random event is performed to explore evaluation methodology for physical protection in nuclear facilities. Because the security incidences are initiated by malicious and intentional acts, expert judgment and Bayes updating are used to estimate scenario and initiation likelihood, and it is assumed that the Markov model derived from stochastic process can be applied to incidence sequence. Both an unauthorized intrusion as Design Based Threat (DBT) and a stand-off attack as beyond-DBT are assumed to hypothetical facilities, and performance of physical protection and mitigation and minimization of consequence are investigated to develop the assessment methodology in a semi-quantitative manner. It is shown that cooperation between facility operator and security authority is important to respond to the beyond-DBT incidence. (author)

BYOD Security: A New Business Challenge

OpenAIRE

Downer, K.; Bhattacharya, Maumita

2016-01-01

Bring Your Own Device (BYOD) is a rapidly growing trend in businesses concerned with information technology. BYOD presents a unique list of security concerns for businesses implementing BYOD policies. Recent publications indicate a definite awareness of risks involved in incorporating BYOD into business, however it is still an underrated issue compared to other IT security concerns. This paper focuses on two key BYOD security issues: security challenges and available frameworks. A taxonomy sp...

Number of Waste Package Hit by Igneous Intrusion

International Nuclear Information System (INIS)

M. Wallace

2004-01-01

The purpose of this scientific analysis report is to document calculations of the number of waste packages that could be damaged in a potential future igneous event through a repository at Yucca Mountain. The analyses include disruption from an intrusive igneous event and from an extrusive volcanic event. This analysis supports the evaluation of the potential consequences of future igneous activity as part of the total system performance assessment for the license application (TSPA-LA) for the Yucca Mountain Project (YMP). Igneous activity is a disruptive event that is included in the TSPA-LA analyses. Two igneous activity scenarios are considered: (1) The igneous intrusion groundwater release scenario (also called the igneous intrusion scenario) considers the in situ damage to waste packages or failure of waste packages that occurs if they are engulfed or otherwise affected by magma as a result of an igneous intrusion. (2) The volcanic eruption scenario depicts the direct release of radioactive waste due to an intrusion that intersects the repository followed by a volcanic eruption at the surface. An igneous intrusion is defined as the ascent of a basaltic dike or dike system (i.e., a set or swarm of multiple dikes comprising a single intrusive event) to repository level, where it intersects drifts. Magma that does reach the surface from igneous activity is an eruption (or extrusive activity) (Jackson 1997 [DIRS 109119], pp. 224, 333). The objective of this analysis is to develop a probabilistic measure of the number of waste packages that could be affected by each of the two scenarios

Secure Access Control and Authority Delegation Based on Capability and Context Awareness for Federated IoT

DEFF Research Database (Denmark)

Anggorojati, Bayu; Mahalle, Parikshit N.; Prasad, Neeli R.

2013-01-01

Access control is a critical functionality in Internet of Things (IoT), and it is particularly promising to make access control secure, efficient and generic in a distributed environment. Another an important property of access control system in the IoT is flexibility which can be achieved...... by access or authority delegation. Delegation mechanisms in access control that have been studied until now have been intended mainly for a system that has no resource constraint, such as a web-based system, which is not very suitable for a highly pervasive system such as IoT. This chapter presents...... the Capability-based Context Aware Access Control (CCAAC) model including the authority delegation method, along with specification and protocol evaluation intended for federated Machine-to-Machine (M2M)/IoT. By using the identity and capability-based access control approach together with the contextual...

Conceptual Design Approach to Implementing Hardware-based Security Controls in Data Communication Systems

International Nuclear Information System (INIS)

Ibrahim, Ahmad Salah; Jung, Jaecheon

2016-01-01

In the Korean Advanced Power Reactor (APR1400), safety control systems network is electrically isolated and physically separated from non-safety systems data network. Unidirectional gateways, include data diode fiber-optic cabling and computer-based servers, transmit the plant safety critical parameters to the main control room (MCR) for control and monitoring processes. The data transmission is only one-way from safety to non-safety. Reverse communication is blocked so that safety systems network is protected from potential cyberattacks or intrusions from non-safety side. Most of commercials off-the-shelf (COTS) security devices are software-based solutions that require operating systems and processors to perform its functions. Field Programmable Gate Arrays (FPGAs) offer digital hardware solutions to implement security controls such as data packet filtering and deep data packet inspection. This paper presents a conceptual design to implement hardware-based network security controls for maintaining the availability of gateway servers. A conceptual design of hardware-based network security controls was discussed in this paper. The proposed design is aiming at utilizing the hardware-based capabilities of FPGAs together with filtering and DPI functions of COTS software-based firewalls and intrusion detection and prevention systems (IDPS). The proposed design implemented a network security perimeter between the DCN-I zone and gateway servers zone. Security control functions are to protect the gateway servers from potential DoS attacks that could affect the data availability and integrity

Conceptual Design Approach to Implementing Hardware-based Security Controls in Data Communication Systems

Energy Technology Data Exchange (ETDEWEB)

Ibrahim, Ahmad Salah; Jung, Jaecheon [KEPCO International Nuclear Graduate School, Ulsan (Korea, Republic of)

2016-10-15

In the Korean Advanced Power Reactor (APR1400), safety control systems network is electrically isolated and physically separated from non-safety systems data network. Unidirectional gateways, include data diode fiber-optic cabling and computer-based servers, transmit the plant safety critical parameters to the main control room (MCR) for control and monitoring processes. The data transmission is only one-way from safety to non-safety. Reverse communication is blocked so that safety systems network is protected from potential cyberattacks or intrusions from non-safety side. Most of commercials off-the-shelf (COTS) security devices are software-based solutions that require operating systems and processors to perform its functions. Field Programmable Gate Arrays (FPGAs) offer digital hardware solutions to implement security controls such as data packet filtering and deep data packet inspection. This paper presents a conceptual design to implement hardware-based network security controls for maintaining the availability of gateway servers. A conceptual design of hardware-based network security controls was discussed in this paper. The proposed design is aiming at utilizing the hardware-based capabilities of FPGAs together with filtering and DPI functions of COTS software-based firewalls and intrusion detection and prevention systems (IDPS). The proposed design implemented a network security perimeter between the DCN-I zone and gateway servers zone. Security control functions are to protect the gateway servers from potential DoS attacks that could affect the data availability and integrity.

A study on the promotion of nuclear security culture

International Nuclear Information System (INIS)

Tamai, Hiroshi; Tazaki, Makiko; Kokaji, Lisa; Shimizu, Ryo; Suda, Kazunori

2015-01-01

In recent years the promotion of nuclear security culture aiming at strengthening nuclear security is extensively mentioned, however, awareness of nuclear security culture seems to be not much high compared to the permeation of nuclear safety culture. As a world's leading country of peaceful nuclear use, permeation of nuclear security culture into various social classes must be one of important issues in Japan. Learning from the TEPCO Fukushima Daiichi nuclear power plant accident, complementarity between nuclear safety and nuclear security in the aspect of both protection measures has been profoundly recognised. Therefore, it will be natural to promote nuclear security culture modelled on the preceding nuclear safety culture. On this standpoint, the paper examines an approach for the promotion of nuclear security culture which, for example, consists of awareness cultivation, attitude progress, permeation assessment, and resulting in the establishment of PDCA Cycle. (author)

Method for secure electronic voting system: face recognition based approach

Science.gov (United States)

Alim, M. Affan; Baig, Misbah M.; Mehboob, Shahzain; Naseem, Imran

2017-06-01

In this paper, we propose a framework for low cost secure electronic voting system based on face recognition. Essentially Local Binary Pattern (LBP) is used for face feature characterization in texture format followed by chi-square distribution is used for image classification. Two parallel systems are developed based on smart phone and web applications for face learning and verification modules. The proposed system has two tire security levels by using person ID followed by face verification. Essentially class specific threshold is associated for controlling the security level of face verification. Our system is evaluated three standard databases and one real home based database and achieve the satisfactory recognition accuracies. Consequently our propose system provides secure, hassle free voting system and less intrusive compare with other biometrics.

Security Implications of Typical Grid Computing Usage Scenarios

International Nuclear Information System (INIS)

Humphrey, Marty; Thompson, Mary R.

2001-01-01

A Computational Grid is a collection of heterogeneous computers and resources spread across multiple administrative domains with the intent of providing users uniform access to these resources. There are many ways to access the resources of a Computational Grid, each with unique security requirements and implications for both the resource user and the resource provider. A comprehensive set of Grid usage scenarios are presented and analyzed with regard to security requirements such as authentication, authorization, integrity, and confidentiality. The main value of these scenarios and the associated security discussions are to provide a library of situations against which an application designer can match, thereby facilitating security-aware application use and development from the initial stages of the application design and invocation. A broader goal of these scenarios are to increase the awareness of security issues in Grid Computing

Security Implications of Typical Grid Computing Usage Scenarios

Energy Technology Data Exchange (ETDEWEB)

Humphrey, Marty; Thompson, Mary R.

2001-06-05

A Computational Grid is a collection of heterogeneous computers and resources spread across multiple administrative domains with the intent of providing users uniform access to these resources. There are many ways to access the resources of a Computational Grid, each with unique security requirements and implications for both the resource user and the resource provider. A comprehensive set of Grid usage scenarios are presented and analyzed with regard to security requirements such as authentication, authorization, integrity, and confidentiality. The main value of these scenarios and the associated security discussions are to provide a library of situations against which an application designer can match, thereby facilitating security-aware application use and development from the initial stages of the application design and invocation. A broader goal of these scenarios are to increase the awareness of security issues in Grid Computing.

Effect of Organizational Factors on Information Security Implementations

Science.gov (United States)

Perez, Rafael G.

2013-01-01

The purpose of this quantitative inferential study is to determine the level of correlation between the organizational factors of information security awareness, balanced security processes, and organizational structure with the size of the estimation gap of information security implementations mediated by the end user intentionality. The study…

Intrusion problematic during water supply systems' operation

Energy Technology Data Exchange (ETDEWEB)

Mora-Rodriguez, Jesus; Lopez-Jimenez, P. Amparo [Departamento de Ingenieria Hidraulica y Medio Ambiente, Universidad Politecnica de Valencia, Camino de Vera, s/n, 46022, Valencia (Spain); Ramos, Helena M. [Civil Engineering Department and CEHIDRO, Instituto Superior Tecnico, Technical University of Lisbon, Av. Rovisco Pais, 1049-001, Lisbon (Portugal)

2011-07-01

Intrusion through leaks occurrence is a phenomenon when external fluid comes into water pipe systems. This phenomenon can cause contamination problems in drinking pipe systems. Hence, this paper focuses on the entry of external fluids across small leaks during normal operation conditions. This situation is especially important in elevated points of the pipe profile. Pressure variations can origin water volume losses and intrusion of contaminants into the drinking water pipes. This work focuses in obtaining up the physical representation on a specific case intrusion in a pipe water system. The combination of two factors is required to generate this kind of intrusion in a water supply system: on one hand the existence of at least a leak in the system; on the other hand, a pressure variation could occur during the operation of the system due to consumption variation, pump start-up or shutdown. The potential of intrusion during a dynamic or transient event is here analyzed. To obtain this objective an experimental case study of pressure transient scenario is analyzed with a small leak located nearby the transient source.

Successive reactive liquid flow episodes in a layered intrusion (Unit 9, Rum Eastern Layered Intrusion, Scotland)

Science.gov (United States)

Leuthold, Julien; Blundy, Jon; Holness, Marian

2014-05-01

We will present a detailed microstructural and geochemical study of reactive liquid flow in Unit 9 of the Rum Eastern Layered Intrusion. In the study region, Unit 9 comprises an underlying lens-like body of peridotite overlain by a sequence of troctolite and gabbro (termed allivalite), with some local and minor anorthosite. The troctolite is separated from the overlying gabbro by a distinct, sub-horizontal, undulose horizon (the major wavy horizon). Higher in the stratigraphy is another, similar, horizon (the minor wavy horizon) that separates relatively clinopyroxene-poor gabbro from an overlying gabbro. To the north of the peridotite lens, both troctolite and gabbro grade into poikilitic gabbro. Clinopyroxene habit in the allivalite varies from thin rims around olivine in troctolite, to equigranular crystals in gabbro, to oikocrysts in the poikilitic gabbro. The poikilitic gabbros contain multiple generations of clinopyroxene, with Cr-rich (~1.1 wt.% Cr2O3), anhedral cores with moderate REE concentrations (core1) overgrown by an anhedral REE-depleted second generation with moderate Cr (~0.7 wt.% Cr2O3) (core2). These composite cores are rimmed by Cr-poor (~0.2 wt.% Cr2O3) and REE-poor to moderate clinopyroxene. We interpret these microstructures as a consequence of two separate episodes of partial melting triggered by the intrusion of hot olivine-phyric picrite to form the discontinuous lenses that comprise the Unit 9 peridotite. Loss of clinopyroxene-saturated partial melt from the lower part of the allivalite immediately following the early stages of sill intrusion resulted in the formation of clinopyroxene-poor gabbro. The spatial extent of clinopyroxene loss is marked by the minor wavy horizon. A further partial melting event stripped out almost all clinopyroxene from the lowest allivalite, to form a troctolite, with the major wavy horizon marking the extent of melting during this second episode. The poikilitic gabbro formed from clinopyroxene-saturated melt

A Study on Corporate Security Awareness and Compliance Behavior Intent

Science.gov (United States)

Clark, Christine Y.

2013-01-01

Understanding the drivers to encourage employees' security compliance behavior is increasingly important in today's highly networked environment to protect computer and information assets of the company. The traditional approach for corporations to implement technology-based controls, to prevent security breaches is no longer sufficient.…

21st Century Security Manager

Directory of Open Access Journals (Sweden)

Stelian ARION

2010-11-01

Full Text Available We live in world of uncertainty that generates major paradigms changing that affect security risk management. Modern organization’s security risks management can’t be done without a profound knowlegde and daily practice for security governance, security risk management and resilience. 21st Century security manager need to deal with several areas of konwledge in order to succesfully manage security risks. The document presents the advantages, disadvantages and challenges for security managers thah have government backgroud, or IT security backgroud, or are promoted from organization’s inside leaders. There are six different areas of knowledge that successful security programs of the future must incorporate, either in the knowledge base of their leaders or in the collective knowledge of the leading staff. They are government elements, security organization, emerging issue awareness, IT security, business elements and executive leadership.

Implementing healthcare information security: standards can help.

Science.gov (United States)

Orel, Andrej; Bernik, Igor

2013-01-01

Using widely spread common approaches to systems security in health dedicated controlled environments, a level of awareness, confidence and acceptance of relevant standardisation is evaluated. Patients' information is sensitive, so putting appropriate organisational techniques as well as modern technology in place to secure health information is of paramount importance. Mobile devices are becoming the top priorities in advanced information security planning with healthcare environments being no exception. There are less and less application areas in healthcare without having a need for a mobile functionality which represents an even greater information security challenge. This is also true in emergency treatments, rehabilitation and homecare just to mention a few areas outside hospital controlled environments. Unfortunately quite often traditional unsecured communications principles are still in routine use for communicating sensitive health related information. The security awareness level with users, patients and care professionals is not high enough so potential threats and risks may not be addressed and the respective information security management is therefore weak. Standards like ISO/IEC 27000 ISMS family, the ISO/IEC 27799 information security guidelines in health are often not well known, but together with legislation principles such as HIPAA, they can help.

Farmers’ Awareness of Ecosystem Services and the Associated Policy Implications

Directory of Open Access Journals (Sweden)

Fangfang Xun

2017-09-01

Full Text Available This study analyzes the primary factors influencing farmers’ awareness of ecosystem services. This study, through questionnaires, conducts research on farmers’ awareness of and demand for ecosystem service functions. The research encapsulates 156 households from 21 groups of villagers in the Guangxi Karst Ecological Immigration District in China. The results of the factors influencing farmers’ awareness of ecosystem services, analyzed using a regression model, show that: (1 Farmers are concerned with ecosystem service functions that directly benefit them; however, they do not sufficiently understand the ecosystem’s ecological security maintenance or cultural landscape functions; (2 Farmers’ awareness of ecosystem service functions is not consistent with their corresponding demand, including the ecosystem’s leisure and entertainment, social security, disaster prevention and water purification services; (3 Education level, land area cultivated by the household, proportion of the household’s income from agriculture and immigration status directly affect farmers’ awareness of ecosystem services; (4 Farmers’ personal characteristics, family characteristics and subjective attitudes have different effects on the level of ecological service cognition. Understanding farmers’ awareness of ecosystem services, and the influencing factors can help policymakers and development managers plan local development and policies, and enable harmonious development of the human-earth system in immigration regions of China.

Perceived illness intrusions among continuous ambulatory peritoneal dialysis patients

Directory of Open Access Journals (Sweden)

Usha Bapat

2012-01-01

Full Text Available To study the perceived illness intrusion of continuous ambulatory peritoneal dialysis (CAPD patients, to examine their demographics, and to find out the association among demographics, duration of illness as well as illness intrusion, 40 chronic kidney disease stage V patients on CAPD during 2006-2007 were studied. Inclusion criteria were patients′ above 18 years, willing, stable, and completed at least two months of dialysis. Those with psychiatric co-morbidity were excluded. Sociodemographics were collected using a semi-structured interview schedule. A 14-item illness intrusion checklist covering various aspects of life was administered. The subjects had to rate the illness intrusion in their daily life and the extent of intrusion. The data was analyzed using descriptive statistics and chi square test of association. The mean age of the subjects was 56.05 ± 10.05 years. There was near equal distribution of gender. 82.5% were married, 70.0% belonged to Hindu religion, 45.0% were pre-degree, 25.0% were employed, 37.5% were housewives and 30.0% had retired. 77.5% belonged to the upper socioeconomic strata, 95.0% were from an urban background and 65.0% were from nuclear families. The mean duration of dialysis was 19.0 ± 16.49 months. Fifty-eight percent of the respondents were performing the dialysis exchanges by themselves. More than 95.0%were on three or four exchanges per day. All the 40 subjects reported illness intrusion in their daily life. Intrusion was perceived to some extent in the following areas: health 47.5%, work 25.0%, finance 37.5%, diet 40.0%, and psychological 50.0%. Illness had not intruded in the areas of relationship with spouse 52.5%, sexual life 30.0%, with friends 92.5%, with family 85.5%, social functions 52.5%, and religious functions 75.0%. Statistically significant association was not noted between illness intrusion and other variables. CAPD patients perceived illness intrusion to some extent in their daily life

Uncertainty and Risk Management in Cyber Situational Awareness

Science.gov (United States)

Li, Jason; Ou, Xinming; Rajagopalan, Raj

Handling cyber threats unavoidably needs to deal with both uncertain and imprecise information. What we can observe as potential malicious activities can seldom give us 100% confidence on important questions we care about, e.g. what machines are compromised and what damage has been incurred. In security planning, we need information on how likely a vulnerability can lead to a successful compromise to better balance security and functionality, performance, and ease of use. These information are at best qualitative and are often vague and imprecise. In cyber situational awareness, we have to rely on such imperfect information to detect real attacks and to prevent an attack from happening through appropriate risk management. This chapter surveys existing technologies in handling uncertainty and risk management in cyber situational awareness.

Secure Data Transfer Guidance for Industrial Control and SCADA Systems

Energy Technology Data Exchange (ETDEWEB)

Mahan, Robert E.; Fluckiger, Jerry D.; Clements, Samuel L.; Tews, Cody W.; Burnette, John R.; Goranson, Craig A.; Kirkham, Harold

2011-09-01

This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despite much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.

Biological intrusion barriers for large-volume waste-disposal sites

International Nuclear Information System (INIS)

Hakonson, T.E.; Cline, J.F.; Rickard, W.H.

1982-01-01

intrusion of plants and animals into shallow land burial sites with subsequent mobilization of toxic and radiotoxic materials has occured. Based on recent pathway modeling studies, such intrusions can contribute to the dose received by man. This paper describes past work on developing biological intrusion barrier systems for application to large volume waste site stabilization. State-of-the-art concepts employing rock and chemical barriers are discussed relative to long term serviceability and cost of application. The interaction of bio-intrusion barrier systems with other processes affecting trench cover stability are discussed to ensure that trench cover designs minimize the potential dose to man. 3 figures, 6 tables

Wireless Network Penetration Testing and Security Auditing

Directory of Open Access Journals (Sweden)

Wang Shao-Long

2016-01-01

Full Text Available IEEE802.11 wireless wireless networks have security issues that are vulnerable to a variety of attacks. Due to using radio to transport data, attackers can bypass firewalls, sniff sensitive information, intercept packets and send malicious packets. Security auditing and penetration testing is expected to ensure wireless networks security. The contributions of this work are analyzed the vulnerability and types of attacks pertaining to IEEE 802.11 WLAN, performed well known attacks in a laboratory environment to conduct penetration tests to confirm whether our wireless network is hackable or not. WAIDPS is configured as auditing tool to view wireless attacks, such as WEP/WPA/WPA2 cracking, rouge access points, denial of service attack. WAIDPS is designed to detect wireless intrusion with additional features. Penetration testing and auditing will mitigate the risk and threatening to protect WALN.

Corticostriatal circuitry in regulating diseases characterized by intrusive thinking

OpenAIRE

Kalivas, Benjamin C.; Kalivas, Peter W.

2016-01-01

Intrusive thinking triggers clinical symptoms in many neuropsychiatric disorders. Using drug addiction as an exemplar disorder sustained in part by intrusive thinking, we explore studies demonstrating that impairments in corticostriatal circuitry strongly contribute to intrusive thinking. Neuroimaging studies have long implicated this projection in cue-induced craving to use drugs, and preclinical models show that marked changes are produced at corticostriatal synapses in the nucleus accumben...

Identification of Human Intrusion Types into Radwaste Disposal Facility

International Nuclear Information System (INIS)

Budi Setiawan

2007-01-01

Human intrusion has long been recognized as a potentially important post-closure safety issue for rad waste disposal facility. It is due to the difficulties in predicting future human activities. For the preliminary study of human intrusion, identification of human intrusion types need to be recognized and investigated also the approaching of problem solving must be known to predict the prevention act and accepted risk. (author)

Perceived illness intrusion among patients on hemodialysis

International Nuclear Information System (INIS)

Bapat, Usha; Kedlaya, Prashanth G; Gokulnath

2009-01-01

Dialysis therapy is extremely stressful as it interferes with all spheres of daily activities of the patients. This study is aimed at understanding the perceived illness intrusion among patients on hemodialysis (HD) and to find the association between illness intrusion and patient demo-graphics as well as duration of dialysis. A cross sectional study involving 90 patients with chronic kidney disease (CKD) stage V, on HD was performed during the period from 2005 to 2006. The subjects included were above 18 years of age, willing, stable and on dialysis for at least two months. Patients with psychiatric co-morbidity were excluded. A semi-structured interview schedule covering sociodemographics and a 13 item illness intrusion checklist covering the various aspects of life was carried out. The study patients were asked to rate the illness intrusion and the extent. The data were analyzed statistically. The mean age of the subjects was 50.28 + - 13.69 years, males were predominant (85%), 73% were married, 50% belonged to Hindu religion, 25% had pre-degree education, 25% were employed and 22% were housewives. About 40% and 38% of the study patients belonged to middle and upper socio-economic strata respectively; 86% had urban background and lived in nuclear families. The mean duration on dialysis was 24 + - 29.6 months. All the subjects reported illness intrusion to a lesser or greater extent in various areas including: health (44%), work (70%) finance (55%), diet (50%) sexual life (38%) and psychological status (25%). Illness had not intruded in areas of relationship with spouse (67%), friends (76%), family (79%), social (40%) and religious functions (72%). Statistically significant association was noted between illness intrusion and occupation (P= 0.02). (author)

Perceived illness intrusion among patients on hemodialysis

Directory of Open Access Journals (Sweden)

Bapat Usha

2009-01-01

Full Text Available Dialysis therapy is extremely stressful as it interferes with all spheres of daily acti-vities of the patients. This study is aimed at understanding the perceived illness intrusion among pa-tients on hemodialysis (HD and to find the association between illness intrusion and patient demo-graphics as well as duration of dialysis. A cross sectional study involving 90 patients with chronic kidney disease (CKD stage V, on HD was performed during the period from 2005 to 2006. The subjects included were above 18 years of age, willing, stable and on dialysis for at least two months. Patients with psychiatric co-morbidity were excluded. A semi-structured interview schedule covering socio-demographics and a 13 item illness intrusion checklist covering the various aspects of life was ca-rried out. The study patients were asked to rate the illness intrusion and the extent. The data were ana-lyzed statistically. The mean age of the subjects was 50.28 ± 13.69 years, males were predominant (85%, 73% were married, 50% belonged to Hindu religion, 25% had pre-degree education, 25% were employed and 22% were housewives. About 40% and 38% of the study patients belonged to middle and upper socio-economic strata respectively; 86% had urban background and lived in nuclear fami-lies. The mean duration on dialysis was 24 ± 29.6 months. All the subjects reported illness intrusion to a lesser or greater extent in various areas including: health (44%, work (70% finance (55%, diet (50% sexual life (38% and psychological status (25%. Illness had not intruded in areas of rela-tionship with spouse (67%, friends (76%, family (79%, social (40% and religious functions (72%. Statistically significant association was noted between illness intrusion and occupation (P= 0.02.

Security systems engineering overview

International Nuclear Information System (INIS)

Steele, B.J.

1996-01-01

Crime prevention is on the minds of most people today. The concern for public safety and the theft of valuable assets are being discussed at all levels of government and throughout the public sector. There is a growing demand for security systems that can adequately safeguard people and valuable assets against the sophistication of those criminals or adversaries who pose a threat. The crime in this country has been estimated at $70 billion in direct costs and up to $300 billion in indirect costs. Health insurance fraud alone is estimated to cost American businesses $100 billion. Theft, warranty fraud, and counterfeiting of computer hardware totaled $3 billion in 1994. A threat analysis is a prerequisite to any security system design to assess the vulnerabilities with respect to the anticipated threat. Having established a comprehensive definition of the threat, crime prevention, detection, and threat assessment technologies can be used to address these criminal activities. This talk will outline the process used to design a security system regardless of the level of security. This methodology has been applied to many applications including: government high security facilities; residential and commercial intrusion detection and assessment; anti-counterfeiting/fraud detection technologies (counterfeit currency, cellular phone billing, credit card fraud, health care fraud, passport, green cards, and questionable documents); industrial espionage detection and prevention (intellectual property, computer chips, etc.); and security barrier technology (creation of delay such as gates, vaults, etc.)

Nuclear Security in Action at Facilities in Ghana

International Nuclear Information System (INIS)

Dahlstrom, Danielle

2013-01-01

Nuclear security is a national responsibility. An Integrated Nuclear Security Support Plan (INSSP) is a tool that enables States to address nuclear security in a comprehensive way and to strengthen its national nuclear security regime, beginning with the legislative and regulatory framework within a State. Operating areas in nuclear facilities like research reactors which use highly enriched uranium, require additional physical protection measures to ensure the security of the nuclear material and prevent acts of sabotage. Other radioactive materials, like sealed radioactive sources used in radiotherapy machines in hospitals for cancer treatment, need to be protected so that they are not stolen and used with malicious intent. Nuclear and other radioactive material needs to be kept in safe and secure storage, which incorporates various types of physical barriers to prevent theft and unauthorized access. Intrusion detection and assessment systems, like cameras and sensors, help to ensure timely and adequate responses to any security incident. Responding to a nuclear security incident, and mitigating its consequences, requires specialized equipment like isotope identifiers, and competent and well trained personnel. Nuclear Security Support Centres (NSSCs) focus on human resource development as well as technical and scientific support which contribute to the sustainability of nuclear security in a State

State of the Art: Embedding Security in Vehicles

Directory of Open Access Journals (Sweden)

Weimerskirch André

2007-01-01

Full Text Available For new automotive applications and services, information technology (IT has gained central importance. IT-related costs in car manufacturing are already high and they will increase dramatically in the future. Yet whereas safety and reliability have become a relatively well-established field, the protection of vehicular IT systems against systematic manipulation or intrusion has only recently started to emerge. Nevertheless, IT security is already the base of some vehicular applications such as immobilizers or digital tachographs. To securely enable future automotive applications and business models, IT security will be one of the central technologies for the next generation of vehicles. After a state-of-the-art overview of IT security in vehicles, we give a short introduction into cryptographic terminology and functionality. This contribution will then identify the need for automotive IT security while presenting typical attacks, resulting security objectives, and characteristic constraints within the automotive area. We will introduce core security technologies and relevant security mechanisms followed by a detailed description of critical vehicular applications, business models, and components relying on IT security. We conclude our contribution with a detailed statement about challenges and opportunities for the automotive IT community for embedding IT security in vehicles.

State of the Art: Embedding Security in Vehicles

Directory of Open Access Journals (Sweden)

André Weimerskirch

2007-06-01

Full Text Available For new automotive applications and services, information technology (IT has gained central importance. IT-related costs in car manufacturing are already high and they will increase dramatically in the future. Yet whereas safety and reliability have become a relatively well-established field, the protection of vehicular IT systems against systematic manipulation or intrusion has only recently started to emerge. Nevertheless, IT security is already the base of some vehicular applications such as immobilizers or digital tachographs. To securely enable future automotive applications and business models, IT security will be one of the central technologies for the next generation of vehicles. After a state-of-the-art overview of IT security in vehicles, we give a short introduction into cryptographic terminology and functionality. This contribution will then identify the need for automotive IT security while presenting typical attacks, resulting security objectives, and characteristic constraints within the automotive area. We will introduce core security technologies and relevant security mechanisms followed by a detailed description of critical vehicular applications, business models, and components relying on IT security. We conclude our contribution with a detailed statement about challenges and opportunities for the automotive IT community for embedding IT security in vehicles.

Cyber security for greater service reliability

Energy Technology Data Exchange (ETDEWEB)

Vickery, P. [N-Dimension Solutions Inc., Richmond Hill, ON (Canada)

2008-05-15

Service reliability in the electricity transmission and distribution (T and D) industry is being challenged by increased equipment failures, harsher climatic conditions, and computer hackers who aim to disrupt services by gaining access to transmission and distribution resources. This article discussed methods of ensuring the cyber-security of T and D operators. Weak points in the T and D industry include remote terminal units; intelligent electronic devices; distributed control systems; programmable logic controllers; and various intelligent field devices. An increasing number of interconnection points exist between an operator's service control system and external systems. The North American Electric Reliability Council (NERC) standards specify that cyber security strategies should ensure that all cyber assets are protected, and that access points must be monitored to detect intrusion attempts. The introduction of new advanced metering initiatives must also be considered. Comprehensive monitoring systems should be available to support compliance with cyber security standards. It was concluded that senior management should commit to a periodic cyber security re-assessment program in order to keep up-to-date.

Heart rate, startle response, and intrusive trauma memories

Science.gov (United States)

Chou, Chia-Ying; Marca, Roberto La; Steptoe, Andrew; Brewin, Chris R

2014-01-01

The current study adopted the trauma film paradigm to examine potential moderators affecting heart rate (HR) as an indicator of peritraumatic psychological states and as a predictor of intrusive memories. We replicated previous findings that perifilm HR decreases predicted the development of intrusive images and further showed this effect to be specific to images rather than thoughts, and to detail rather than gist recognition memory. Moreover, a group of individuals showing both an atypical sudden reduction in HR after a startle stimulus and higher trait dissociation was identified. Only among these individuals was lower perifilm HR found to indicate higher state dissociation, fear, and anxiety, along with reduced vividness of intrusions. The current findings emphasize how peritraumatic physiological responses relate to emotional reactions and intrusive memory. The moderating role of individual difference in stress defense style was highlighted. PMID:24397333

Surviving security how to integrate people, process, and technology

CERN Document Server

Andress, Amanda

2003-01-01

WHY DO I NEED SECURITY? Introduction The Importance of an Effective Security Infrastructure People, Process, and Technology What Are You Protecting Against? Types of Attacks Types of Attackers Security as a Competitive Advantage Choosing a Solution Finding Security Employees The Layered Approach UNDERSTANDING REQUIREMENTS AND RISK What Is Risk? Embracing Risk Information Security Risk Assessment Assessing Risk Insurance SECURITY POLICIES AND PROCEDURES Internal Focus Is Key Security Awareness and Education Policy Life Cycle Developing Policies Components of a Security Policy Sample Security Po

Constructing APT Attack Scenarios Based on Intrusion Kill Chain and Fuzzy Clustering

Directory of Open Access Journals (Sweden)

Ru Zhang

2017-01-01

Full Text Available The APT attack on the Internet is becoming more serious, and most of intrusion detection systems can only generate alarms to some steps of APT attack and cannot identify the pattern of the APT attack. To detect APT attack, many researchers established attack models and then correlated IDS logs with the attack models. However, the accuracy of detection deeply relied on the integrity of models. In this paper, we propose a new method to construct APT attack scenarios by mining IDS security logs. These APT attack scenarios can be further used for the APT detection. First, we classify all the attack events by purpose of phase of the intrusion kill chain. Then we add the attack event dimension to fuzzy clustering, correlate IDS alarm logs with fuzzy clustering, and generate the attack sequence set. Next, we delete the bug attack sequences to clean the set. Finally, we use the nonaftereffect property of probability transfer matrix to construct attack scenarios by mining the attack sequence set. Experiments show that the proposed method can construct the APT attack scenarios by mining IDS alarm logs, and the constructed scenarios match the actual situation so that they can be used for APT attack detection.

A Quantitative Study on the Relationship of Information Security Policy Awareness, Enforcement, and Maintenance to Information Security Program Effectiveness

Science.gov (United States)

Francois, Michael T.

2016-01-01

Today's organizations rely heavily on information technology to conduct their daily activities. Therefore, their information security systems are an area of heightened security concern. As a result, organizations implement information security programs to address and mitigate that concern. However, even with the emphasis on information security,…

E-learning stakeholders information security vulnerability model

OpenAIRE

Mohd Alwi, Najwa Hayaati

2012-01-01

The motivation to conduct this research has come from awareness that the Internet exposes the e-learning environment to information security threats and vulnerabilities. Information security management as practised as a top down approach in many organisations tend to detach of people’s responsibility in ensuring the security of e-learning. Literature has pointed out that people’s behaviour required to be addressed to control the information security threats. This research proposes an ISM huma...

Integrated Safeguards and Security Management Self-Assessment 2004

Energy Technology Data Exchange (ETDEWEB)

Lunford, Dan; Ramsey, Dwayne

2005-04-01

In 2002 Ernest Orlando Lawrence Berkeley National Laboratory deployed the first Integrated Safeguards and Security Management (ISSM) Self-Assessment process, designed to measure the effect of the Laboratory's ISSM efforts. This process was recognized by DOE as a best practice and model program for self-assessment and training. In 2004, the second Self-Assessment was launched. The cornerstone of this process was an employee survey that was designed to meet several objectives: (1) Ensure that Laboratory assets are protected. (2) Provide a measurement of the Laboratory's current security status that can be compared against the 2002 Self-Assessment baseline. (3) Educate all Laboratory staff about security responsibilities, tools, and practices. (4) Provide security staff with feedback on the effectiveness of security programs. (5) Provide line management with the information they need to make informed decisions about security. This 2004 Self Assessment process began in July 2004 with every employee receiving an information packet and instructions for completing the ISSM survey. The Laboratory-wide survey contained questions designed to measure awareness and conformance to policy and best practices. The survey response was excellent--90% of Berkeley Lab employees completed the questionnaire. ISSM liaisons from each division followed up on the initial survey results with individual employees to improve awareness and resolve ambiguities uncovered by the questionnaire. As with the 2002 survey, the Self-Assessment produced immediate positive results for the ISSM program and revealed opportunities for longer-term corrective actions. Results of the questionnaire provided information for organizational profiles and an institutional summary. The overall level of security protection and awareness was very high--often above 90%. Post-survey work by the ISSM liaisons and line management consistently led to improved awareness and metrics, as shown by a comparison of

Approach for Assessing Human Intrusion into a Radwaste Repository

International Nuclear Information System (INIS)

Cho, Dong Keun; Kim, Jung Woo; Jeong, Jong Tae; Baik, Min Hoon

2016-01-01

An approach to assess human intrusion into radwaste repository resulting from future human actions was proposed based on the common principals, requirements, and recommendations from IAEA, ICRP, and OECD/NEA, with the assumption that the intrusion occurs after loss of knowledge of the hazardous nature of the disposal facility. At first, the essential boundary conditions were derived on the basis of international recommendations, followed by overall approach to deal with inadvertent human intrusion. The essential premises were derived on the basis of international recommendations, followed by overall approach to deal with inadvertent human intrusion. The procedure to derive protective measures was also explained with four steps regarding how to derive safety framework, general measures, potential measures, and eventual protective measures on the basis of stylized scenarios. It is expected that the approach proposed in this study will be effectively used to reduce the potential for and/or consequence of human intrusion during entire processes of realization of disposal facility.

Nuclear security: Then and now

International Nuclear Information System (INIS)

Weinstein, A.A.

1992-01-01

The evolution of computerized security systems at nuclear power plants has been driven by both the enhancements in computer technology and the changes in regulatory requirements over time. Technical advancements have simplified the essential nature of these systems in both real-time and data processing operations. Regulatory developments have caused a similar trend in simplification. This article addresses the computer and data acquisition portions of a security system and not the access control hardware, intrusion detection sensors, or surveillance equipment, other than to indicate how functional improvements in these areas have been achieved as systems have developed. The state of technology today includes the availability of fault-tolerant computers, the practice of networking multiple computers, and the standardization of real-time data network communications. These factors make two things possible in a plant security system. One is distributed processing, with rapid alarm annunciation (less than 1 second), essentially immediate response to access requests (less than 1 second), and an expeditious and comprehensive reporting capability. The other is permitting different plant operations (security, radiation protection, operator tours) to achieve economies by sharing the same network while using independent computers and avoiding operational conflicts

The appraisal of intrusive thoughts in relation to obsessional-compulsive symptoms.

Science.gov (United States)

Barrera, Terri L; Norton, Peter J

2011-01-01

Research has shown that although intrusive thoughts occur universally, the majority of individuals do not view intrusive thoughts as being problematic (Freeston, Ladouceur, Thibodeau, & Gagnon, 1991; Rachman & de Silva, 1978; Salkovskis & Harrison, 1984). Thus, it is not the presence of intrusive thoughts that leads to obsessional problems but rather some other factor that plays a role in the development of abnormal obsessions. According to the cognitive model of obsessive-compulsive disorder (OCD) put forth by Salkovskis (1985), the crucial factor that differentiates between individuals with OCD and those without is the individual's appraisal of the naturally occurring intrusive thoughts. This study aimed to test Salkovskis's model by examining the role of cognitive biases (responsibility, thought-action fusion, and thought control) as well as distress in the relationship between intrusive thoughts and obsessive-compulsive symptoms in an undergraduate sample of 326 students. An existing measure of intrusive thoughts (the Revised Obsessional Intrusions Inventory) was modified for this study to include a scale of distress associated with each intrusive thought in addition to the current frequency scale. When the Yale-Brown Obsessive-Compulsive Scale was used as the measure of OCD symptoms, a significant interaction effect of frequency and distress of intrusive thoughts resulted. Additionally, a significant three-way interaction of Frequency × Distress × Responsibility was found when the Obsessive Compulsive Inventory-Revised was used as the measure of OCD symptoms. These results indicate that the appraisal of intrusive thoughts is important in predicting OCD symptoms, thus providing support for Salkovskis's model of OCD.

Evaluation of Hanford Single-Shell Waste Tanks Suspected of Water Intrusion

International Nuclear Information System (INIS)

Feero, Amie J.; Washenfelder, Dennis J.; Johnson, Jeremy M.; Schofield, John S.

2013-01-01

Intrusions evaluations for twelve single-shell tanks were completed in 2013. The evaluations consisted of remote visual inspections, data analysis, and calculations of estimated intrusion rates. The observation of an intrusion or the preponderance of evidence confirmed that six of the twelve tanks evaluated had intrusions. These tanks were tanks 241-A-103, BX-101, BX-103, BX-110, BY-102, and SX-106

Saharan dust intrusions in Spain: Health impacts and associated synoptic conditions.

Science.gov (United States)

Díaz, Julio; Linares, Cristina; Carmona, Rocío; Russo, Ana; Ortiz, Cristina; Salvador, Pedro; Trigo, Ricardo Machado

2017-07-01

A lot of papers have been published about the impact on mortality of Sahara dust intrusions in individual cities. However, there is a lack of studies that analyse the impact on a country and scarcer if in addition the analysis takes into account the meteorological conditions that favour these intrusions. The main aim is to examine the effect of Saharan dust intrusions on daily mortality in different Spanish regions and to characterize the large-scale atmospheric circulation anomalies associated with such dust intrusions. For determination of days with Saharan dust intrusions, we used information supplied by the Ministry of Agriculture, Food & Environment, it divides Spain into 9 main areas. In each of these regions, a representative province was selected. A time series analysis has been performed to analyse the relationship between daily mortality and PM 10 levels in the period from 01.01.04 to 31.12.09, using Poisson regression and stratifying the analysis by the presence or absence of Saharan dust advections. The proportion of days on which there are Saharan dust intrusions rises to 30% of days. The synoptic pattern is characterised by an anticyclonic ridge extending from northern Africa to the Iberian Peninsula. Particulate matter (PM) on days with intrusions are associated with daily mortality, something that does not occur on days without intrusions, indicating that Saharan dust may be a risk factor for daily mortality. In other cases, what Saharan dust intrusions do is to change the PM-related mortality behaviour pattern, going from PM 2.5 . A study such as the one conducted here, in which meteorological analysis of synoptic situations which favour Saharan dust intrusions, is combined with the effect on health at a city level, would seem to be crucial when it comes to analysing the differentiated mortality pattern in situations of Saharan dust intrusions. Copyright © 2017 Elsevier Inc. All rights reserved.

Context Aware Middleware Architectures: Survey and Challenges

Directory of Open Access Journals (Sweden)

Xin Li

2015-08-01

Full Text Available Context aware applications, which can adapt their behaviors to changing environments, are attracting more and more attention. To simplify the complexity of developing applications, context aware middleware, which introduces context awareness into the traditional middleware, is highlighted to provide a homogeneous interface involving generic context management solutions. This paper provides a survey of state-of-the-art context aware middleware architectures proposed during the period from 2009 through 2015. First, a preliminary background, such as the principles of context, context awareness, context modelling, and context reasoning, is provided for a comprehensive understanding of context aware middleware. On this basis, an overview of eleven carefully selected middleware architectures is presented and their main features explained. Then, thorough comparisons and analysis of the presented middleware architectures are performed based on technical parameters including architectural style, context abstraction, context reasoning, scalability, fault tolerance, interoperability, service discovery, storage, security & privacy, context awareness level, and cloud-based big data analytics. The analysis shows that there is actually no context aware middleware architecture that complies with all requirements. Finally, challenges are pointed out as open issues for future work.

An evaluation of classification algorithms for intrusion detection ...

African Journals Online (AJOL)

An evaluation of classification algorithms for intrusion detection. ... Log in or Register to get access to full text downloads. ... Most of the available IDSs use all the 41 features in the network to evaluate and search for intrusive pattern in which ...

Hydrodynamic modeling of the intrusion phenomenon in water distribution systems; Modelacion hidrodinamica del fenomeno de intrusion en tuberia de abastecimiento

Energy Technology Data Exchange (ETDEWEB)

Lopez-Jimenez, Petra Amparo; Mora-Rodriguez, Jose de Jesus; Perez-Garcia, Rafael; Martinez-Solano, F. Javier [Universidad Politecnica de Valencia (Spain)

2008-10-15

This paper describes a strategy for the hydrodynamic modeling of the pathogen intrusion phenomenon in water distribution systems by the combination of a breakage with a depression situation. This scenario will be modeled computationally and experimentally. The phenomenon to be represented by both simulations is the same: the entrance of an external volume into the circulation of a main volume, known as a pathogen intrusion, as long as the main volume is potable water. To this end, a prototype and a computational model based on Computational Fluid Dynamics (CFD) are used, which allow visualizing the fields of speeds and pressures in a simulated form. With the comparison of the results of both models, conclusions will be drawn on the detail of the studied pathogen intrusion phenomenon. [Spanish] En el presente documento se describe una estrategia de modelacion del fenomeno hidrodinamico de la intrusion patogena en redes de distribucion de agua por combinacion de una rotura con una situacion de depresion. Este escenario sera modelado computacional y experimentalmente. El fenomeno que se desea representar con ambas simulaciones es el mismo: la entrada de un caudal externo a una conduccion para la que circula un caudal principal, denominado intrusion patogena, siempre y cuando el caudal principal sea agua potable. Para ello se dispone de un prototipo y un modelo computacional basado en la Dinamica de Fluidos Computacional (DFC de aqui en adelante), que permite visualizar los campos de velocidades y presiones de forma simulada. Con la comparacion de los resultados de ambos modelos se extraeran conclusiones sobre el detalle del fenomeno de la intrusion patogena estudiado.

Results of nuclear security culture survey on personnel at nuclear power plants

International Nuclear Information System (INIS)

Yoo, Hosik; Lee, Jeong-Ho

2015-01-01

Highlights: • A new surveying questionnaire for evaluating the security awareness of personnel was developed. • The developed surveying tools consist of four categories and 44 questions in total. • The surveying tools developed in this study can be used in other countries. - Abstract: A survey to evaluate awareness of the nuclear security culture of personnel at nuclear facilities was developed. The survey was made up of a series of questionnaires that were divided into four categories, beliefs and attitude, operating systems, leadership behaviors and staff behaviors. Each category contained six to 16 questions. The category on beliefs and attitude was composed of questions that asked plant workers on how much consideration facility personnel give to issues of security when doing his/her work. The section pertaining to operating systems for nuclear security consisted of questions on guidance documents, information security, and education and training. The questions on leadership behaviors were separated into two parts, one for managers and another for staff. These include questions relating to communication between management and staff, surveillance work related to nuclear security and the sharing of information. The last category of questions concerned staff behaviors. It consisted of questions on knowledge, procedures and implementation related to nuclear security. A survey was conducted on 858 people who worked at nuclear power plants using the questionnaire that was developed in this study. The survey was performed between October 7 to 17, 2014. The survey results were collected and analyzed. A numerical value was given to each question, so that the results of the survey were represented as a score. The data revealed that awareness of the nuclear security culture increased with age. This increase stopped when staff members entered their 50s. It is believed that a person in his/her 50s has a greater degree of experience and passion for their work than

Non-Intrusive Intelligibility Prediction Using a Codebook-Based Approach

DEFF Research Database (Denmark)

Sørensen, Charlotte; Kavalekalam, Mathew Shaji; Xenaki, Angeliki

2017-01-01

It could be beneficial for users of hearing aids if these were able to automatically adjust the processing according to the speech intelligibility in the specific acoustic environment. Most speech intelligibility metrics are intrusive, i.e., they require a clean reference signal, which is rarely...... a high correlation between the proposed non-intrusive codebookbased STOI (NIC-STOI) and the intrusive STOI indicating that NIC-STOI is a suitable metric for automatic classification of speech signals...

Awareness of demands and unfairness and the importance of connectedness and security: Teenage girls’ lived experiences of their everyday lives

Directory of Open Access Journals (Sweden)

Eva-Lena Einberg

2015-06-01

Full Text Available In recent years, a number of studies have demonstrated that stress and mental health problems have increased among adolescents and especially among girls, although little is still known concerning what girls experience in their everyday lives. The aim of this study was to describe the phenomenon of teenage girls’ everyday lives, as experienced by the girls themselves. A phenomenological approach of reflective lifeworld research was used, and the findings are based on eight qualitative interviews with girls aged 13–16 years. The essence of teenage girls’ everyday lives as experienced by the girls themselves can be described as consciousness regarding demands and unfairness and regarding the importance of connectedness and security. The girls are aware of the demands of appearance and success, and they are conscious of the gender differences in school and in the media that affect them. The girls are also conscious about the meaning of connectedness with friends and family, as well as the importance of the security of their confidence in friends and feeling safe where they stay. If teenage girls feel connected and secure, protective factors in the form of manageability and meaningfulness can act as a counterweight to the demands and unfairness of everyday life. For professionals who work with teenage girls, the results from this study can be important in their work to support these girls.

Awareness of demands and unfairness and the importance of connectedness and security: Teenage girls' lived experiences of their everyday lives.

Science.gov (United States)

Einberg, Eva-Lena; Lidell, Evy; Clausson, Eva K

2015-01-01

In recent years, a number of studies have demonstrated that stress and mental health problems have increased among adolescents and especially among girls, although little is still known concerning what girls experience in their everyday lives. The aim of this study was to describe the phenomenon of teenage girls' everyday lives, as experienced by the girls themselves. A phenomenological approach of reflective lifeworld research was used, and the findings are based on eight qualitative interviews with girls aged 13-16 years. The essence of teenage girls' everyday lives as experienced by the girls themselves can be described as consciousness regarding demands and unfairness and regarding the importance of connectedness and security. The girls are aware of the demands of appearance and success, and they are conscious of the gender differences in school and in the media that affect them. The girls are also conscious about the meaning of connectedness with friends and family, as well as the importance of the security of their confidence in friends and feeling safe where they stay. If teenage girls feel connected and secure, protective factors in the form of manageability and meaningfulness can act as a counterweight to the demands and unfairness of everyday life. For professionals who work with teenage girls, the results from this study can be important in their work to support these girls.

Intrusion detection model using fusion of chi-square feature selection and multi class SVM

Directory of Open Access Journals (Sweden)

Ikram Sumaiya Thaseen

2017-10-01

Full Text Available Intrusion detection is a promising area of research in the domain of security with the rapid development of internet in everyday life. Many intrusion detection systems (IDS employ a sole classifier algorithm for classifying network traffic as normal or abnormal. Due to the large amount of data, these sole classifier models fail to achieve a high attack detection rate with reduced false alarm rate. However by applying dimensionality reduction, data can be efficiently reduced to an optimal set of attributes without loss of information and then classified accurately using a multi class modeling technique for identifying the different network attacks. In this paper, we propose an intrusion detection model using chi-square feature selection and multi class support vector machine (SVM. A parameter tuning technique is adopted for optimization of Radial Basis Function kernel parameter namely gamma represented by ‘ϒ’ and over fitting constant ‘C’. These are the two important parameters required for the SVM model. The main idea behind this model is to construct a multi class SVM which has not been adopted for IDS so far to decrease the training and testing time and increase the individual classification accuracy of the network attacks. The investigational results on NSL-KDD dataset which is an enhanced version of KDDCup 1999 dataset shows that our proposed approach results in a better detection rate and reduced false alarm rate. An experimentation on the computational time required for training and testing is also carried out for usage in time critical applications.

The hack attack - Increasing computer system awareness of vulnerability threats

Science.gov (United States)

Quann, John; Belford, Peter

1987-01-01

The paper discusses the issue of electronic vulnerability of computer based systems supporting NASA Goddard Space Flight Center (GSFC) by unauthorized users. To test the security of the system and increase security awareness, NYMA, Inc. employed computer 'hackers' to attempt to infiltrate the system(s) under controlled conditions. Penetration procedures, methods, and descriptions are detailed in the paper. The procedure increased the security consciousness of GSFC management to the electronic vulnerability of the system(s).

Security in the nuclear medicine department

International Nuclear Information System (INIS)

Bassingham, S.; Gane, J.; Chan, P.S.; Heenan, S.; Gulliver, N.; McVey, J.

2005-01-01

The current threat from terrorism highlights the need for awareness of adequate security of radioactive sources by health bodies to prevent the opportunistic access to, theft of. or accidental loss of sources, together with stringent security measures in place to prevent the international misuse of radioactive sources as a weapon by unauthorised access. This presentation discusses the processes undertaken to ensure the safety and security of radioactive materials within the nuclear medicine department in line with current regulations and guidelines. These include risk assessments, security systems, audit trails, restricted access and personnel background checks

Mobile Device Security: Perspectives of Future Healthcare Workers.

Science.gov (United States)

Hewitt, Barbara; Dolezel, Diane; McLeod, Alexander

2017-01-01

Healthcare data breaches on mobile devices continue to increase, yet the healthcare industry has not adopted mobile device security standards. This increase is disturbing because individuals are often accessing patients' protected health information on personal mobile devices, which could lead to a data breach. This deficiency led the researchers to explore the perceptions of future healthcare workers regarding mobile device security. To determine healthcare students' perspectives on mobile device security, the investigators designed and distributed a survey based on the Technology Threat Avoidance Theory. Three hundred thirty-five students participated in the survey. The data were analyzed to determine participants' perceptions about security threats, effectiveness and costs of safeguards, self-efficacy, susceptibility, severity, and their motivation and actions to secure their mobile devices. Awareness of interventions to protect mobile devices was also examined. Results indicate that while future healthcare professionals perceive the severity of threats to their mobile data, they do not feel personally susceptible. Additionally, participants were knowledgeable about security safeguards, but their knowledge of costs and problems related to the adoption of these measures was mixed. These findings indicate that increasing security awareness of healthcare professionals should be a priority.

Intrusion of Magmatic Bodies Into the Continental Crust: 3-D Numerical Models

Science.gov (United States)

Gorczyk, Weronika; Vogt, Katharina

2018-03-01

Magma intrusion is a major material transfer process in the Earth's continental crust. Yet the mechanical behavior of the intruding magma and its host are a matter of debate. In this study we present a series of numerical thermomechanical simulations on magma emplacement in 3-D. Our results demonstrate the response of the continental crust to magma intrusion. We observe change in intrusion geometries between dikes, cone sheets, sills, plutons, ponds, funnels, finger-shaped and stock-like intrusions, and injection time. The rheology and temperature of the host are the main controlling factors in the transition between these different modes of intrusion. Viscous deformation in the warm and deep crust favors host rock displacement and plutons at the crust-mantle boundary forming deep-seated plutons or magma ponds in the lower to middle crust. Brittle deformation in the cool and shallow crust induces cone-shaped fractures in the host rock and enables emplacement of finger- or stock-like intrusions at shallow or intermediate depth. Here the passage of magmatic and hydrothermal fluids from the intrusion through the fracture pattern may result in the formation of ore deposits. A combination of viscous and brittle deformation forms funnel-shaped intrusions in the middle crust. Intrusion of low-density magma may more over result in T-shaped intrusions in cross section with magma sheets at the surface.

A security-awareness virtual machine management scheme based on Chinese wall policy in cloud computing.

Science.gov (United States)

Yu, Si; Gui, Xiaolin; Lin, Jiancai; Tian, Feng; Zhao, Jianqiang; Dai, Min

2014-01-01

Cloud computing gets increasing attention for its capacity to leverage developers from infrastructure management tasks. However, recent works reveal that side channel attacks can lead to privacy leakage in the cloud. Enhancing isolation between users is an effective solution to eliminate the attack. In this paper, to eliminate side channel attacks, we investigate the isolation enhancement scheme from the aspect of virtual machine (VM) management. The security-awareness VMs management scheme (SVMS), a VMs isolation enhancement scheme to defend against side channel attacks, is proposed. First, we use the aggressive conflict of interest relation (ACIR) and aggressive in ally with relation (AIAR) to describe user constraint relations. Second, based on the Chinese wall policy, we put forward four isolation rules. Third, the VMs placement and migration algorithms are designed to enforce VMs isolation between the conflict users. Finally, based on the normal distribution, we conduct a series of experiments to evaluate SVMS. The experimental results show that SVMS is efficient in guaranteeing isolation between VMs owned by conflict users, while the resource utilization rate decreases but not by much.

Nuisance alarm suppression techniques for fibre-optic intrusion detection systems

Science.gov (United States)

Mahmoud, Seedahmed S.; Visagathilagar, Yuvaraja; Katsifolis, Jim

2012-02-01

The suppression of nuisance alarms without degrading sensitivity in fibre-optic intrusion detection systems is important for maintaining acceptable performance. Signal processing algorithms that maintain the POD and minimize nuisance alarms are crucial for achieving this. A level crossings algorithm is presented for suppressing torrential rain-induced nuisance alarms in a fibre-optic fence-based perimeter intrusion detection system. Results show that rain-induced nuisance alarms can be suppressed for rainfall rates in excess of 100 mm/hr, and intrusion events can be detected simultaneously during rain periods. The use of a level crossing based detection and novel classification algorithm is also presented demonstrating the suppression of nuisance events and discrimination of nuisance and intrusion events in a buried pipeline fibre-optic intrusion detection system. The sensor employed for both types of systems is a distributed bidirectional fibre-optic Mach Zehnder interferometer.

Intrusion Detection System In IoT

OpenAIRE

Nygaard, Frederik

2017-01-01

Intrusion detection detects misbehaving nodes in a network. In Internet of Things(IoT), IPv6 Routing for Low-Power and Lossy Networks (RPL) is the standard routing protocol. In IoT, devices commonly have low energy, storage and memory, which is why the implemented intrusion algorithm in this thesis will try to minimize the usage of these resources. IDS for RPL-networks have been implemented before, but the use of resources or the number of packets sent was too high to be successful when findi...

Gamification for Measuring Cyber Security Situational Awareness

Energy Technology Data Exchange (ETDEWEB)

Fink, Glenn A.; Best, Daniel M.; Manz, David O.; Popovsky, V. M.; Endicott-Popovsky, Barbara E.

2013-03-01

Cyber defense competitions arising from U.S. service academy exercises, offer a platform for collecting data that can inform research that ranges from characterizing the ideal cyber warrior to describing behaviors during certain challenging cyber defense situations. This knowledge could lead to better preparation of cyber defenders in both military and civilian settings. This paper describes how one regional competition, the PRCCDC, a participant in the national CCDC program, conducted proof of concept experimentation to collect data during the annual competition for later analysis. The intent is to create an ongoing research agenda that expands on this current work and incorporates augmented cognition and gamification methods for measuring cybersecurity situational awareness under the stress of cyber attack.

Security improvements for rail movements of SNM

International Nuclear Information System (INIS)

Garcia, M.R.; Gronager, J.E.; Shemigon, N.N.

1998-01-01

The US Department of Energy (DOE) and the Russian Special Scientific and Production State Enterprise Eleron have teamed to lead a project to enhance the overall security of Russian Ministry of Atomic Energy (MINATOM) transportation of Special Nuclear Material (SNM) shipments. The effort is called the Railcar Transportation Security Project and is part of the overall DOE Material Protection, Control, and Accounting (MPC and A) program addressing the enhancement of nuclear material control, accounting, and physical protection for Russian SNM. The goal of this MPC and A project is to significantly increase the security of Russian MINATOM highly enriched SNM rail shipments. To accomplish this, the MPC and A Railcar Transportation Security program will provide an enhanced, yet cost effective, railcar transportation security system. The system incorporates a balance between the traditional detection, communications, delay, and response security elements to significantly improve the security of MINATOM SNM shipments. The strategy of this program is to use rapid upgrades to implement mature security technologies as quickly as possible. The rapid upgrades emphasize rapidly deployable delay elements, enhanced radio communications, and intrusion detection and surveillance. Upgraded railcars have begun operation during FY98. Subsequent upgrades will build upon the rapid upgrades and eventually be integrated into a final deployed system configuration. This paper provides an overview of the program, with a summary of performance of the deployed railcars

Reasons in Support of Data Security and Data Security Management as Two Independent Concepts: A New Model

Science.gov (United States)

Moghaddasi, Hamid; Kamkarhaghighi, Mehran

2016-01-01

Introduction: Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology. Background: The “data security models” presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the “needs and improvement” cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management. Findings: Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability. Conclusion: Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced. PMID:27857823

Reasons in Support of Data Security and Data Security Management as Two Independent Concepts: A New Model.

Science.gov (United States)

Moghaddasi, Hamid; Sajjadi, Samad; Kamkarhaghighi, Mehran

2016-01-01

Any information which is generated and saved needs to be protected against accidental or intentional losses and manipulations if it is to be used by the intended users in due time. As such, information managers have adopted numerous measures to achieve data security within data storage systems, along with the spread of information technology. The "data security models" presented thus far have unanimously highlighted the significance of data security management. For further clarification, the current study first introduces the "needs and improvement" cycle; the study will then present some independent definitions, together with a support umbrella, in an attempt to shed light on the data security management. Data security focuses on three features or attributes known as integrity, identity of sender(s) and identity of receiver(s). Management in data security follows an endless evolutionary process, to keep up with new developments in information technology and communication. In this process management develops new characteristics with greater capabilities to achieve better data security. The characteristics, continuously increasing in number, with a special focus on control, are as follows: private zone, confidentiality, availability, non-repudiation, possession, accountability, authenticity, authentication and auditability. Data security management steadily progresses, resulting in more sophisticated features. The developments are in line with new developments in information and communication technology and novel advances in intrusion detection systems (IDS). Attention to differences between data security and data security management by international organizations such as the International Standard Organization (ISO), and International Telecommunication Union (ITU) is necessary if information quality is to be enhanced.

An ontology-based intrusion patterns classification system | Shonubi ...

African Journals Online (AJOL)

Studies have shown that computer intrusions have been on the increase in recent times. Many techniques and patterns are being used by intruders to gain access to data on host computer networks. In this work, intrusion patterns were identified and classified and inherent knowledge were represented using an ontology of ...

Simulation of seawater intrusion in coastal aquifers: Some typical ...

Indian Academy of Sciences (India)

Springer Verlag Heidelberg #4 2048 1996 Dec 15 10:16:45

Seawater intrusion; coastal aquifers; density-dependent flow and ... The seawater intrusion mechanism in coastal aquifers generally causes the occurrence of ... (4) The dynamic viscosity of the fluid does not change with respect to salinity and.

SecurityCom: A Multi-Player Game for Researching and Teaching Information Security Teams

Directory of Open Access Journals (Sweden)

Douglas P. Twitchell

2007-12-01

Full Text Available A major portion of government and business organizations’ attempts to counteract information security threats is teams of security personnel.  These teams often consist of personnel of diverse backgrounds in specific specialties such as network administration, application development, and business administration, resulting in possible conflicts between security, functionality, and availability.  This paper discusses the use of games to teach and research information security teams and outlines research to design and build a simple, team-oriented, configurable, information security game. It will be used to study how information security teams work together to defend against attacks using a multi-player game, and to study the use of games in training security teams.  Studying how information security teams work, especially considering the topic of shared-situational awareness, could lead to better ways of forming, managing, and training teams.  Studying the effectiveness of the game as a training tool could lead to better training for security teams. 

Network security with openSSL cryptography for secure communications

CERN Document Server

Viega, John; Chandra, Pravir

2002-01-01

Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, inst...

Semi-non-intrusive objective intelligibility measure using spatial filtering in hearing aids

DEFF Research Database (Denmark)

Sørensen, Charlotte; Boldt, Jesper Bünsow; Gran, Frederik

2016-01-01

-intrusive metrics have not been able to achieve acceptable intelligibility predictions. This paper presents a new semi-non-intrusive intelligibility measure based on an existing intrusive measure, STOI, where an estimate of the clean speech is extracted using spatial filtering in the hearing aid. The results......Reliable non-intrusive online assessment of speech intelligibility can play a key role for the functioning of hearing aids, e.g. as guidance for adjusting the hearing aid settings to the environment. While existing intrusive metrics can provide a precise and reliable measure, the current non...

Adaptive Intrusion Data System (AIDS)

International Nuclear Information System (INIS)

Corlis, N.E.

1980-05-01

The adaptive intrusion data system (AIDS) was developed to collect data from intrusion alarm sensors as part of an evaluation system to improve sensor performance. AIDS is a unique data system which uses computer controlled data systems, video cameras and recorders, analog-to-digital conversion, environmental sensors, and digital recorders to collect sensor data. The data can be viewed either manually or with a special computerized data-reduction system which adds new data to a data base stored on a magnetic disc recorder. This report provides a synoptic account of the AIDS as it presently exists. Modifications to the purchased subsystems are described, and references are made to publications which describe the Sandia-designed subsystems

Development and Demonstration of a Security Core Component

Energy Technology Data Exchange (ETDEWEB)

Turke, Andy

2014-02-28

In recent years, the convergence of a number of trends has resulted in Cyber Security becoming a much greater concern for electric utilities. A short list of these trends includes: · Industrial Control Systems (ICSs) have evolved from depending on proprietary hardware and operating software toward using standard off-the-shelf hardware and operating software. This has meant that these ICSs can no longer depend on “security through obscurity. · Similarly, these same systems have evolved toward using standard communications protocols, further reducing their ability to rely upon obscurity. · The rise of the Internet and the accompanying demand for more data about virtually everything has resulted in formerly isolated ICSs becoming at least partially accessible via Internet-connected networks. · “Cyber crime” has become commonplace, whether it be for industrial espionage, reconnaissance for a possible cyber attack, theft, or because some individual or group “has something to prove.” Electric utility system operators are experts at running the power grid. The reality is, especially at small and mid-sized utilities, these SCADA operators will by default be “on the front line” if and when a cyber attack occurs against their systems. These people are not computer software, networking, or cyber security experts, so they are ill-equipped to deal with a cyber security incident. Cyber Security Manager (CSM) was conceived, designed, and built so that it can be configured to know what a utility’s SCADA/EMS/DMS system looks like under normal conditions. To do this, CSM monitors log messages from any device that uses the syslog standard. It can also monitor a variety of statistics from the computers that make up the SCADA/EMS/DMS: outputs from host-based security tools, intrusion detection systems, SCADA alarms, and real-time SCADA values – even results from a SIEM (Security Information and Event Management) system. When the system deviates from �

Automating Information Assurance for Cyber Situational Awareness within a Smart Cloud System of Systems

Science.gov (United States)

2014-03-01

monitoring and protection of data such as Transport Layer Security ( TLS ), Secure Sockets Layer ( SSL ), and Internet Protocol Security (IPsec) protocols...and usage of data loss prevention software. Protocols such as TLS , SSL , and IPsec encrypt data packets for secure transportation and decryption by...Representational State Transfer RSS rich site summary SA situational awareness SAF Singapore Armed Forces SoS system of systems SSL secure sockets layer S

Hybrid architecture for building secure sensor networks

Science.gov (United States)

Owens, Ken R., Jr.; Watkins, Steve E.

2012-04-01

Sensor networks have various communication and security architectural concerns. Three approaches are defined to address these concerns for sensor networks. The first area is the utilization of new computing architectures that leverage embedded virtualization software on the sensor. Deploying a small, embedded virtualization operating system on the sensor nodes that is designed to communicate to low-cost cloud computing infrastructure in the network is the foundation to delivering low-cost, secure sensor networks. The second area focuses on securing the sensor. Sensor security components include developing an identification scheme, and leveraging authentication algorithms and protocols that address security assurance within the physical, communication network, and application layers. This function will primarily be accomplished through encrypting the communication channel and integrating sensor network firewall and intrusion detection/prevention components to the sensor network architecture. Hence, sensor networks will be able to maintain high levels of security. The third area addresses the real-time and high priority nature of the data that sensor networks collect. This function requires that a quality-of-service (QoS) definition and algorithm be developed for delivering the right data at the right time. A hybrid architecture is proposed that combines software and hardware features to handle network traffic with diverse QoS requirements.

Integrated situational awareness for cyber attack detection, analysis, and mitigation

Science.gov (United States)

Cheng, Yi; Sagduyu, Yalin; Deng, Julia; Li, Jason; Liu, Peng

2012-06-01

Real-time cyberspace situational awareness is critical for securing and protecting today's enterprise networks from various cyber threats. When a security incident occurs, network administrators and security analysts need to know what exactly has happened in the network, why it happened, and what actions or countermeasures should be taken to quickly mitigate the potential impacts. In this paper, we propose an integrated cyberspace situational awareness system for efficient cyber attack detection, analysis and mitigation in large-scale enterprise networks. Essentially, a cyberspace common operational picture will be developed, which is a multi-layer graphical model and can efficiently capture and represent the statuses, relationships, and interdependencies of various entities and elements within and among different levels of a network. Once shared among authorized users, this cyberspace common operational picture can provide an integrated view of the logical, physical, and cyber domains, and a unique visualization of disparate data sets to support decision makers. In addition, advanced analyses, such as Bayesian Network analysis, will be explored to address the information uncertainty, dynamic and complex cyber attack detection, and optimal impact mitigation issues. All the developed technologies will be further integrated into an automatic software toolkit to achieve near real-time cyberspace situational awareness and impact mitigation in large-scale computer networks.

Railway clearance intrusion detection method with binocular stereo vision

Science.gov (United States)

Zhou, Xingfang; Guo, Baoqing; Wei, Wei

2018-03-01

In the stage of railway construction and operation, objects intruding railway clearance greatly threaten the safety of railway operation. Real-time intrusion detection is of great importance. For the shortcomings of depth insensitive and shadow interference of single image method, an intrusion detection method with binocular stereo vision is proposed to reconstruct the 3D scene for locating the objects and judging clearance intrusion. The binocular cameras are calibrated with Zhang Zhengyou's method. In order to improve the 3D reconstruction speed, a suspicious region is firstly determined by background difference method of a single camera's image sequences. The image rectification, stereo matching and 3D reconstruction process are only executed when there is a suspicious region. A transformation matrix from Camera Coordinate System(CCS) to Track Coordinate System(TCS) is computed with gauge constant and used to transfer the 3D point clouds into the TCS, then the 3D point clouds are used to calculate the object position and intrusion in TCS. The experiments in railway scene show that the position precision is better than 10mm. It is an effective way for clearance intrusion detection and can satisfy the requirement of railway application.

Intrusion problematic during water supply systems’ operation

OpenAIRE

Jesus Mora-Rodriguez, P. Amparo López-Jimenez, Helena M. Ramos

2011-01-01

Intrusion through leaks occurrence is a phenomenon when external fluid comes into water pipe systems. This phenomenon can cause contamination problems in drinking pipe systems. Hence, this paper focuses on the entry of external fluids across small leaks during normal operation conditions. This situation is especially important in elevated points of the pipe profile. Pressure variations can origin water volume losses and intrusion of contaminants into the drinking water pipes. This work focuse...

Feature-based alert correlation in security systems using self organizing maps

Science.gov (United States)

Kumar, Munesh; Siddique, Shoaib; Noor, Humera

2009-04-01

The security of the networks has been an important concern for any organization. This is especially important for the defense sector as to get unauthorized access to the sensitive information of an organization has been the prime desire for cyber criminals. Many network security techniques like Firewall, VPN Concentrator etc. are deployed at the perimeter of network to deal with attack(s) that occur(s) from exterior of network. But any vulnerability that causes to penetrate the network's perimeter of defense, can exploit the entire network. To deal with such vulnerabilities a system has been evolved with the purpose of generating an alert for any malicious activity triggered against the network and its resources, termed as Intrusion Detection System (IDS). The traditional IDS have still some deficiencies like generating large number of alerts, containing both true and false one etc. By automatically classifying (correlating) various alerts, the high-level analysis of the security status of network can be identified and the job of network security administrator becomes much easier. In this paper we propose to utilize Self Organizing Maps (SOM); an Artificial Neural Network for correlating large amount of logged intrusion alerts based on generic features such as Source/Destination IP Addresses, Port No, Signature ID etc. The different ways in which alerts can be correlated by Artificial Intelligence techniques are also discussed. . We've shown that the strategy described in the paper improves the efficiency of IDS by better correlating the alerts, leading to reduced false positives and increased competence of network administrator.

Online Adaboost-Based Parameterized Methods for Dynamic Distributed Network Intrusion Detection.

Science.gov (United States)

Hu, Weiming; Gao, Jun; Wang, Yanguo; Wu, Ou; Maybank, Stephen

2014-01-01

Current network intrusion detection systems lack adaptability to the frequently changing network environments. Furthermore, intrusion detection in the new distributed architectures is now a major requirement. In this paper, we propose two online Adaboost-based intrusion detection algorithms. In the first algorithm, a traditional online Adaboost process is used where decision stumps are used as weak classifiers. In the second algorithm, an improved online Adaboost process is proposed, and online Gaussian mixture models (GMMs) are used as weak classifiers. We further propose a distributed intrusion detection framework, in which a local parameterized detection model is constructed in each node using the online Adaboost algorithm. A global detection model is constructed in each node by combining the local parametric models using a small number of samples in the node. This combination is achieved using an algorithm based on particle swarm optimization (PSO) and support vector machines. The global model in each node is used to detect intrusions. Experimental results show that the improved online Adaboost process with GMMs obtains a higher detection rate and a lower false alarm rate than the traditional online Adaboost process that uses decision stumps. Both the algorithms outperform existing intrusion detection algorithms. It is also shown that our PSO, and SVM-based algorithm effectively combines the local detection models into the global model in each node; the global model in a node can handle the intrusion types that are found in other nodes, without sharing the samples of these intrusion types.

Eavesdropping-aware routing and spectrum allocation based on multi-flow virtual concatenation for confidential information service in elastic optical networks

Science.gov (United States)

Bai, Wei; Yang, Hui; Yu, Ao; Xiao, Hongyun; He, Linkuan; Feng, Lei; Zhang, Jie

2018-01-01

The leakage of confidential information is one of important issues in the network security area. Elastic Optical Networks (EON) as a promising technology in the optical transport network is under threat from eavesdropping attacks. It is a great demand to support confidential information service (CIS) and design efficient security strategy against the eavesdropping attacks. In this paper, we propose a solution to cope with the eavesdropping attacks in routing and spectrum allocation. Firstly, we introduce probability theory to describe eavesdropping issue and achieve awareness of eavesdropping attacks. Then we propose an eavesdropping-aware routing and spectrum allocation (ES-RSA) algorithm to guarantee information security. For further improving security and network performance, we employ multi-flow virtual concatenation (MFVC) and propose an eavesdropping-aware MFVC-based secure routing and spectrum allocation (MES-RSA) algorithm. The presented simulation results show that the proposed two RSA algorithms can both achieve greater security against the eavesdropping attacks and MES-RSA can also improve the network performance efficiently.

Appraisal and control of sexual and non-sexual intrusive thoughts in university students.

Science.gov (United States)

Clark, D A; Purdon, C; Byers, E S

2000-05-01

This study examined differences in the appraisal and thought control strategies associated with the perceived control of unwanted sexual and non-sexual intrusive thoughts. Eleven appraisal dimensions, subjective physiological arousal and 10 thought control strategies were measured in 171 university students who were administered the Revised Obsessive Intrusions Inventory-Sex Version, a self-report measure of unwanted intrusive thoughts. Thought-action fusion (TAF) likelihood was a significant unique predictor of the perceived controllability of respondents' most upsetting sexual and non-sexual intrusive thought. Moreover greater subjective physiological arousal was a significant predictor of reduced control over sexual intrusions, whereas worry that one might act on an intrusive thought and greater effort to control the intrusion were significant unique predictors of the control of non-sexual intrusive thoughts. Various thought control strategies were more often used in response to non-sexual than sexual cognitions. The results are discussed in terms of the differential role of various appraisal processes in the control of unwanted sexual and non-sexual thoughts.

PBX Security and Forensics A Practical Approach

CERN Document Server

Androulidakis, Iosif I

2013-01-01

PBX Security and Forensics begins with an introduction to PBXs (Private Branch Exchanges) and the scene, statistics and involved actors. This book discusses confidentiality, integrity and availability threats in PBXs. The author examines the threats and the technical background as well as security and Forensics involving PBXs. The purpose of this book is to raise user awareness in regards to security and privacy threats present in PBXs, helping both users and administrators safeguard their systems.

Toddler inhibited temperament, maternal cortisol reactivity and embarrassment, and intrusive parenting.

Science.gov (United States)

Kiel, Elizabeth J; Buss, Kristin A

2013-06-01

The relevance of parenting behavior to toddlers' development necessitates a better understanding of the influences on parents during parent-child interactions. Toddlers' inhibited temperament may relate to parenting behaviors, such as intrusiveness, that predict outcomes later in childhood. The conditions under which inhibited temperament relates to intrusiveness, however, remain understudied. A multimethod approach would acknowledge that several levels of processes determine mothers' experiences during situations in which they witness their toddlers interacting with novelty. As such, the current study examined maternal cortisol reactivity and embarrassment about shyness as moderators of the relation between toddlers' inhibited temperament and maternal intrusive behavior. Participants included 92 24-month-old toddlers and their mothers. Toddlers' inhibited temperament and maternal intrusiveness were measured observationally in the laboratory. Mothers supplied saliva samples at the beginning of the laboratory visit and 20 minutes after observation. Maternal cortisol reactivity interacted with inhibited temperament in relation to intrusive behavior, such that mothers with higher levels of cortisol reactivity were observed to be more intrusive with more highly inhibited toddlers. Embarrassment related to intrusive behavior as a main effect. These results highlight the importance of considering child characteristics and psychobiological processes in relation to parenting behavior. PsycINFO Database Record (c) 2013 APA, all rights reserved.

A Markov game theoretic data fusion approach for cyber situational awareness

Science.gov (United States)

Shen, Dan; Chen, Genshe; Cruz, Jose B., Jr.; Haynes, Leonard; Kruger, Martin; Blasch, Erik

2007-04-01

This paper proposes an innovative data-fusion/ data-mining game theoretic situation awareness and impact assessment approach for cyber network defense. Alerts generated by Intrusion Detection Sensors (IDSs) or Intrusion Prevention Sensors (IPSs) are fed into the data refinement (Level 0) and object assessment (L1) data fusion components. High-level situation/threat assessment (L2/L3) data fusion based on Markov game model and Hierarchical Entity Aggregation (HEA) are proposed to refine the primitive prediction generated by adaptive feature/pattern recognition and capture new unknown features. A Markov (Stochastic) game method is used to estimate the belief of each possible cyber attack pattern. Game theory captures the nature of cyber conflicts: determination of the attacking-force strategies is tightly coupled to determination of the defense-force strategies and vice versa. Also, Markov game theory deals with uncertainty and incompleteness of available information. A software tool is developed to demonstrate the performance of the high level information fusion for cyber network defense situation and a simulation example shows the enhanced understating of cyber-network defense.

Source characteristics and tectonic setting of mafic-ultramafic intrusions in North Xinjiang, NW China: Insights from the petrology and geochemistry of the Lubei mafic-ultramafic intrusion

Science.gov (United States)

Chen, Bao-Yun; Yu, Jin-Jie; Liu, Shuai-Jie

2018-05-01

The newly discovered Lubei sulfide-bearing mafic-ultramafic intrusion forms the western extension of the Huangshan-Jin'erquan mafic-ultramafic intrusion belt in East Tianshan, NW China. The Lubei intrusion comprises hornblende peridotite, lherzolite, and harzburgite in its southern portion, gabbro in its middle portion, and hornblende gabbro in its northern portion. Intrusive relationships indicate that three magma pulses were involved in the formation of the intrusion, and that they were likely evolved from a common primitive magma. Estimated compositions of the Lubei primitive magma are similar to those of island arc calc-alkaline basalt except for the low Na2O and CaO contents of the Lubei primitive magma. This paper reports on the mineral compositions, whole-rock major and trace element contents, and Rb-Sr and Sm-Nd isotopic compositions of the Lubei intrusion, and a zircon LA-MC-ICP-MS U-Pb age for hornblende gabbro. The Lubei intrusion is characterized by enrichment in large-ion lithophile elements, depletion in high-field-strength elements, and marked negative Nb and Ta anomalies, with enrichment in chondrite-normalized light rare earth elements. It exhibits low (87Sr/86Sr)i ratios of 0.70333-0.70636 and low (143Nd/144Nd)i ratios of 0.51214-0.51260, with positive εNd values of +4.01 to +6.33. LA-ICP-MS U-Pb zircon ages yielded a weighted-mean age of 287.9 ± 1.6 Ma for the Lubei intrusion. Contemporaneous mafic-ultramafic intrusions in different tectonic domains in North Xinjiang show similar geological and geochemical signatures to the Lubei intrusion, suggesting a source region of metasomatized mantle previously modified by hydrous fluids from the slab subducted beneath the North Xinjiang region in the early Permian. Metasomatism of the mantle was dominated by hydrous fluids and was related to subduction of the Paleo-Asian oceanic lithosphere during the Paleozoic. Sr-Nd-Pb isotopic compositions suggest that the mantle source was a mixture of depleted mid

Cultural and Personality Predictors of Facebook Intrusion: A Cross-Cultural Study.

Science.gov (United States)

Błachnio, Agata; Przepiorka, Aneta; Benvenuti, Martina; Cannata, Davide; Ciobanu, Adela M; Senol-Durak, Emre; Durak, Mithat; Giannakos, Michail N; Mazzoni, Elvis; Pappas, Ilias O; Popa, Camelia; Seidman, Gwendolyn; Yu, Shu; Wu, Anise M S; Ben-Ezra, Menachem

2016-01-01

The increase in the number of users of social networking sites (SNS) has inspired intense efforts to determine intercultural differences between them. The main aim of the study was to investigate the cultural and personal predictors of Facebook intrusion. A total of 2628 Facebook users from eight countries took part in the study. The Facebook Intrusion Questionnaire, the Ten-Item Personality Inventory, and the Singelis Scale were used. We found that two variables related to Country were significantly related to Facebook intrusion: uniqueness (negatively) and low context (positively); of the personality variables, conscientiousness, and emotional stability were negatively related to the dependent variable of Facebook intrusion across different countries, which may indicate the universal pattern of Facebook intrusion. The results of the study will contribute to the international debate on the phenomenon of SNS.

Secure and Time-Aware Communication of Wireless Sensors Monitoring Overhead Transmission Lines.

Science.gov (United States)

Mazur, Katarzyna; Wydra, Michal; Ksiezopolski, Bogdan

2017-07-11

Existing transmission power grids suffer from high maintenance costs and scalability issues along with a lack of effective and secure system monitoring. To address these problems, we propose to use Wireless Sensor Networks (WSNs) as a technology to achieve energy efficient, reliable, and low-cost remote monitoring of transmission grids. With WSNs, smart grid enables both utilities and customers to monitor, predict and manage energy usage effectively and react to possible power grid disturbances in a timely manner. However, the increased application of WSNs also introduces new security challenges, especially related to privacy, connectivity, and security management, repeatedly causing unpredicted expenditures. Monitoring the status of the power system, a large amount of sensors generates massive amount of sensitive data. In order to build an effective Wireless Sensor Network (WSN) for a smart grid, we focus on designing a methodology of efficient and secure delivery of the data measured on transmission lines. We perform a set of simulations, in which we examine different routing algorithms, security mechanisms and WSN deployments in order to select the parameters that will not affect the delivery time but fulfill their role and ensure security at the same time. Furthermore, we analyze the optimal placement of direct wireless links, aiming at minimizing time delays, balancing network performance and decreasing deployment costs.

Unique Challenges in WiFi Intrusion Detection

OpenAIRE

Milliken, Jonny

2014-01-01

The Intrusion Detection System (IDS) is a common means of protecting networked systems from attack or malicious misuse. The deployment of an IDS can take many different forms dependent on protocols, usage and cost. This is particularly true of Wireless Intrusion Detection Systems (WIDS) which have many detection challenges associated with data transmission through an open, shared medium, facilitated by fundamental changes at the Physical and MAC layers. WIDS need to be considered in more deta...

Method of Performance-Aware Security of Unicast Communication in Hybrid Satellite Networks

Science.gov (United States)

Roy-Chowdhury, Ayan (Inventor); Baras, John S. (Inventor)

2014-01-01

A method and apparatus utilizes Layered IPSEC (LES) protocol as an alternative to IPSEC for network-layer security including a modification to the Internet Key Exchange protocol. For application-level security of web browsing with acceptable end-to-end delay, the Dual-mode SSL protocol (DSSL) is used instead of SSL. The LES and DSSL protocols achieve desired end-to-end communication security while allowing the TCP and HTTP proxy servers to function correctly.

Influence of seawater intrusion on microbial communities in groundwater.

Science.gov (United States)

Unno, Tatsuya; Kim, Jungman; Kim, Yumi; Nguyen, Son G; Guevarra, Robin B; Kim, Gee Pyo; Lee, Ji-Hoon; Sadowsky, Michael J

2015-11-01

Groundwater is the sole source of potable water on Jeju Island in the Republic of (South) Korea. Groundwater is also used for irrigation and industrial purposes, and it is severely impacted by seawater intrusion in coastal areas. Consequently, monitoring the intrusion of seawater into groundwater on Jeju is very important for health and environmental reasons. A number of studies have used hydrological models to predict the deterioration of groundwater quality caused by seawater intrusion. However, there is conflicting evidence of intrusion due to complicated environmental influences on groundwater quality. Here we investigated the use of next generation sequencing (NGS)-based microbial community analysis as a way to monitor groundwater quality and detect seawater intrusion. Pristine groundwater, groundwater from three coastal areas, and seawater were compared. Analysis of the distribution of bacterial species clearly indicated that the high and low salinity groundwater differed significantly with respect to microbial composition. While members of the family Parvularculaceae were only identified in high salinity water samples, a greater percentage of the phylum Actinobacteria was predominantly observed in pristine groundwater. In addition, we identified 48 shared operational taxonomic units (OTUs) with seawater, among which the high salinity groundwater sample shared a greater number of bacterial species with seawater (6.7%). In contrast, other groundwater samples shared less than 0.5%. Our results suggest that NGS-based microbial community analysis of groundwater may be a useful tool for monitoring groundwater quality and detect seawater intrusion. This technology may also provide additional insights in understanding hydrological dynamics. Copyright © 2015 Elsevier B.V. All rights reserved.

Diabetes Intrusiveness and Wellness among Elders: A Test of the Illness Intrusiveness Model

Science.gov (United States)

DeCoster, Vaughn A.; Killian, Tim; Roessler, Richard T.

2013-01-01

Using data collected from 147 predominately African American senior citizens in Arkansas, this research examined the Illness Intrusiveness Model (Devins, 1991; Devins & Seland, 1987; Devins & Shnek, 2000) to explain variations in wellness specifically related to participants' adaptation to diabetes. The theoretical model hypothesized that…

Adversarial Feature Selection Against Evasion Attacks.

Science.gov (United States)

Zhang, Fei; Chan, Patrick P K; Biggio, Battista; Yeung, Daniel S; Roli, Fabio

2016-03-01

Pattern recognition and machine learning techniques have been increasingly adopted in adversarial settings such as spam, intrusion, and malware detection, although their security against well-crafted attacks that aim to evade detection by manipulating data at test time has not yet been thoroughly assessed. While previous work has been mainly focused on devising adversary-aware classification algorithms to counter evasion attempts, only few authors have considered the impact of using reduced feature sets on classifier security against the same attacks. An interesting, preliminary result is that classifier security to evasion may be even worsened by the application of feature selection. In this paper, we provide a more detailed investigation of this aspect, shedding some light on the security properties of feature selection against evasion attacks. Inspired by previous work on adversary-aware classifiers, we propose a novel adversary-aware feature selection model that can improve classifier security against evasion attacks, by incorporating specific assumptions on the adversary's data manipulation strategy. We focus on an efficient, wrapper-based implementation of our approach, and experimentally validate its soundness on different application examples, including spam and malware detection.

When Intrusion Detection Meets Blockchain Technology: A Review

DEFF Research Database (Denmark)

Meng, Weizhi; Tischhauser, Elmar Wolfgang; Wang, Qingju

2018-01-01

developed, which allow IDS nodes to exchange data with each other. However, data and trust management still remain two challenges for current detection architectures, which may degrade the effectiveness of such detection systems. In recent years, blockchain technology has shown its adaptability in many...... fields such as supply chain management, international payment, interbanking and so on. As blockchain can protect the integrity of data storage and ensure process transparency, it has a potential to be applied to intrusion detection domain. Motivated by this, this work provides a review regarding...... the intersection of IDSs and blockchains. In particular, we introduce the background of intrusion detection and blockchain, discuss the applicability of blockchain to intrusion detection, and identify open challenges in this direction....

Ultrabroadband photonic Internet: data mining approach to security aspects

Science.gov (United States)

Kalicki, Arkadiusz

2009-06-01

Web applications became most popular medium in the Internet. Popularity, easiness of web application frameworks together with careless development results in high number of vulnerabilities and attacks. There are several types of attacks possible because of improper input validation. SQL injection is ability to execute arbitrary SQL queries in a database through an existing application. Cross-site scripting is the vulnerability which allows malicious web users to inject code into the web pages viewed by other users. Cross-Site Request Forgery (CSRF) is an attack that tricks the victim into loading a page that contains malicious request. Web spam in blogs. In order to secure web applications intrusion detection (IDS) and intrusion prevention systems (IPS) are being used. Intrusion detection systems are divided in two groups: misuse detection (traditional IDS) and anomaly detection. Misuse detection systems are signature based, have high accuracy in detecting many kinds of known attacks but cannot detect unknown and emerging attacks. This can be complemented with anomaly based intrusion detection and prevention systems. This paper presents anomaly driven proxy as an IPS and data mining based algorithm which was used to detecting anomalies. The principle of this method is the comparison of the incoming HTTP traffic with a previously built profile that contains a representation of the "normal" or expected web application usage sequence patterns. The frequent sequence patterns are found with GSP algorithm. Some basic tests show that the software catches malicious requests.

Cultural and Personality Predictors of Facebook Intrusion: A Cross-Cultural Study

Science.gov (United States)

Błachnio, Agata; Przepiorka, Aneta; Benvenuti, Martina; Cannata, Davide; Ciobanu, Adela M.; Senol-Durak, Emre; Durak, Mithat; Giannakos, Michail N.; Mazzoni, Elvis; Pappas, Ilias O.; Popa, Camelia; Seidman, Gwendolyn; Yu, Shu; Wu, Anise M. S.; Ben-Ezra, Menachem

2016-01-01

The increase in the number of users of social networking sites (SNS) has inspired intense efforts to determine intercultural differences between them. The main aim of the study was to investigate the cultural and personal predictors of Facebook intrusion. A total of 2628 Facebook users from eight countries took part in the study. The Facebook Intrusion Questionnaire, the Ten-Item Personality Inventory, and the Singelis Scale were used. We found that two variables related to Country were significantly related to Facebook intrusion: uniqueness (negatively) and low context (positively); of the personality variables, conscientiousness, and emotional stability were negatively related to the dependent variable of Facebook intrusion across different countries, which may indicate the universal pattern of Facebook intrusion. The results of the study will contribute to the international debate on the phenomenon of SNS. PMID:27994566

Cultural and Personality Predictors of Facebook Intrusion: A Cross-Cultural Study

Directory of Open Access Journals (Sweden)

Agata Błachnio

2016-12-01

Full Text Available The increase in the number of users of social networking sites has inspired intense efforts to determine intercultural differences between them. The main aim of the study was to investigate the cultural and personal predictors of Facebook intrusion. A total of 2,628 Facebook users from eight countries took part in the study. The Facebook Intrusion Questionnaire, the Ten-Item Personality Measure, and the Singelis Scale were used. We found that two variables related to Country were significantly related to Facebook intrusion: uniqueness (negatively and low context (positively; of the personality variables, conscientiousness and emotional stability were negatively related to the dependent variable of Facebook intrusion across different countries, which may indicate the universal pattern of Facebook intrusion. The results of the study will contribute to the international debate on the phenomenon of social networking sites (SNS.

Physical security technology base programs for physical security

International Nuclear Information System (INIS)

Jacobs, J.

1986-01-01

Sandia National Laboratories is the US Department of Energy's lead laboratory for physical security research and development (R and D). In support of this mission, Sandia has maintained for several years an R and D program in each of the following technology areas: Intrusion Detection, Entry Control, CCTV Assessment, Access Delay, Alarm Display, and Guard Equipment and Training. The purpose of the technology base programs is to maintain cognizance of the capabilities of the commercial market, identify improvements and transfer technology to industry and facilities. The output of these programs supports the development of new equipment and advanced system concepts, demonstrations of proof-of-principles and system implementation. This paper will review the status of current developments and discuss trends in new technologies which are being explored for future applications, i.e., artificial intelligence, expert systems, robotics, and more automated systems

Rare earth mineralisation in the Cnoc nan Cuilean intrusion of the Loch Loyal Syenite Complex, northern Scotland

Science.gov (United States)

Walters, A. S.; Hughes, H. S. R.; Goodenough, K. M.; Gunn, A. G.; Lacinska, A.

2012-04-01

Due to growing global concerns about security of rare earth element (REE) supply, there is considerable interest in identifying new deposits and in understanding the processes responsible for their formation. Ongoing studies by BGS on potential indigenous resources have focused on the Caledonian alkaline intrusive complexes of north-west Scotland. The highest values of total rare earth oxide (TREO) have been found in the Cnoc nan Cuilean intrusion of the Loch Loyal Complex in Sutherland. The Loch Loyal Syenite Complex comprises three intrusions: Ben Loyal, Beinn Stumanadh and Cnoc nan Cuilean. The Cnoc nan Cuilean intrusion, which covers an area of about 3 km2, can be subdivided into two zones: a Mixed Syenite Zone (MSZ) and a later Massive Leucosyenite Zone (MLZ). Evidence from field mapping and 3D-modelling suggests that the melasyenites were passively emplaced to form a lopolith concordant with the Moine and Lewisian country rocks. A later episode of leucosyenitic magmatism caused mixing and mingling with the melasyenite forming the MSZ. Continued intrusion of leucosyenite melts then formed the MLZ [1]. The melasyenites are enriched in TREO relative to the leucosyenites with average values of 3800 ppm and 1400 ppm respectively. The highest contents, up to 20 000 ppm TREO, are found in narrow biotite-magnetite-rich veins identified in a single stream section near the eastern margin of the intrusion. All lithologies are light rare earth element (LREE) dominated with high concentrations of Ba and Sr and low levels of Nb and Ta. Various REE-bearing minerals are present but allanite is dominant, being present in all major magmatic lithologies and the biotite-magnetite veins. Three generations of allanite have been identified: a late-magmatic phase rimming apatite; allanite micro veinlets cross-cutting the syenite; and a third phase only observed in the biotite-magnetite veins. TREO concentrations of the different allanite generations are similar, averaging 22%. The

A Methodology to Integrate Security and Cost-effectiveness in ATM

OpenAIRE

Matarese, Francesca; Montefusco, Patrizia; Neves, José; Rocha, André

2014-01-01

The objective of this paper is the definition of a new methodology for carrying out security risk assessment in the air traffic management (ATM) domain so as to enhance security awareness and integrate secure and cost-effective design objectives. This process is carried out by modelling the system, identifying the assets, threats and vulnerabilities, prioritizing the threats and proposing cost-effective countermeasures for the weaknesses found. ATM security is concerned with securing ATM a...

Survey of Malware Threats and Recommendations to Improve Cybersecurity for Industrial Control Systems Version 1.0

Science.gov (United States)

2015-02-01

not normally blocked by enterprise firewalls . • Some malware exploited zero-day vulnerabilities as well as attempted to exploit vulnerabilities for...servers, receiving updates, and exfiltrating data. Firewalls are routinely configured to block incoming connections while malware within a target...implemented with layers of technical security controls (e.g., ICS-aware firewalls ) to control network traffic and prevent the spread of malware . Intrusion

Attacks on Bluetooth Security Architecture and Its Countermeasures

Science.gov (United States)

Iqbal, Mian Muhammad Waseem; Kausar, Firdous; Wahla, Muhammad Arif

WPANs compliment the traditional IEEE 802.11 wireless networks by facilitating the clients with flexibility in network topologies, higher mobility and relaxed configuration/hardware requirements. Bluetooth, a WPAN technology, is an open standard for short-range radio frequency (RF) communication. However, it is also susceptible to typical security threats found in wireless LANs. This paper discuses some of the attack scenarios against the bluetooth network such as hostile intrusion, active Man-in-the-Middle (MITM) attack using unit key and various forms of denial of service (DoS) attacks. These threats and attacks compromise the confidentiality and availability of bluetooth data and services. This paper proposes an improved security architecture for bluetooth device which provides protection against the above mentioned attacks.

Towards Reliable Evaluation of Anomaly-Based Intrusion Detection Performance

Science.gov (United States)

Viswanathan, Arun

2012-01-01

This report describes the results of research into the effects of environment-induced noise on the evaluation process for anomaly detectors in the cyber security domain. This research was conducted during a 10-week summer internship program from the 19th of August, 2012 to the 23rd of August, 2012 at the Jet Propulsion Laboratory in Pasadena, California. The research performed lies within the larger context of the Los Angeles Department of Water and Power (LADWP) Smart Grid cyber security project, a Department of Energy (DoE) funded effort involving the Jet Propulsion Laboratory, California Institute of Technology and the University of Southern California/ Information Sciences Institute. The results of the present effort constitute an important contribution towards building more rigorous evaluation paradigms for anomaly-based intrusion detectors in complex cyber physical systems such as the Smart Grid. Anomaly detection is a key strategy for cyber intrusion detection and operates by identifying deviations from profiles of nominal behavior and are thus conceptually appealing for detecting "novel" attacks. Evaluating the performance of such a detector requires assessing: (a) how well it captures the model of nominal behavior, and (b) how well it detects attacks (deviations from normality). Current evaluation methods produce results that give insufficient insight into the operation of a detector, inevitably resulting in a significantly poor characterization of a detectors performance. In this work, we first describe a preliminary taxonomy of key evaluation constructs that are necessary for establishing rigor in the evaluation regime of an anomaly detector. We then focus on clarifying the impact of the operational environment on the manifestation of attacks in monitored data. We show how dynamic and evolving environments can introduce high variability into the data stream perturbing detector performance. Prior research has focused on understanding the impact of this

Non-intrusive refractometer sensor

Indian Academy of Sciences (India)

An experimental realization of a simple non-intrusive refractometer sensor .... and after amplification is finally read by a digital multimeter (Fluke make: 179 true ... To study the response of the present FO refractometer, propylene glycol has been ... values of all the samples were initially measured by Abbe's refractometer.

Integrating Programming Language and Operating System Information Security Mechanisms

Science.gov (United States)

2016-08-31

suggestions for reducing the burden, to the Department of Defense, Executive Service Directorate (0704-0188). Respondents should be aware that...improve the precision of security enforcement, and to provide greater assurance of information security. This grant focuses on two key projects: language...based control of authority; and formal guarantees for the correctness of audit information. 15. SUBJECT TERMS 16. SECURITY CLASSIFICATION OF: 17

U–Pb geochronology of the Eocene Kærven intrusive complex, East Greenland

DEFF Research Database (Denmark)

Þórarinsson, Sigurjón Böðvar; Holm, Paul Martin; Tappe, Sebatstian

2016-01-01

Several major tholeiitic (e.g. the Skaergaard intrusion) and alkaline (e.g. the Kangerlussuaq Syenite) intrusive complexes of the North Atlantic Large Igneous Province are exposed along the Kangerlussuaq Fjord in East Greenland. The Kærven Complex forms a satellite intrusion to the Kangerlussuaq ...

The impact of security on cooperative awareness in VANET

NARCIS (Netherlands)

Feiri, Michael; Petit, Jonathan; Schmidt, R.; Kargl, Frank

2013-01-01

Vehicular networking enables new safety applications that aim at improving roads safety. Because of their direct relation to driver's safety, this goal can only be achieved if vehicular networking is based on a technology that is robust against malicious attackers. Therefore, security mechanisms

A survey of intrusion detection techniques in Cloud

OpenAIRE

Modi, C.; Patel, D.; Patel, H.; Borisaniya, B.; Patel, A.; Rajarajan, M.

2013-01-01

Cloud computing provides scalable, virtualized on-demand services to the end users with greater flexibility and lesser infrastructural investment. These services are provided over the Internet using known networking protocols, standards and formats under the supervision of different managements. Existing bugs and vulnerabilities in underlying technologies and legacy protocols tend to open doors for intrusion. This paper, surveys different intrusions affecting availability, confidentiality and...

Some reflections on human intrusion into a nuclear waste repository

International Nuclear Information System (INIS)

Westerlind, M.

2002-01-01

This paper summarises some of the Swedish nuclear regulators' requirements and views related to intrusion into a repository for spent nuclear fuel, in the post-closure phase. The focus is however on experiences from the interaction with various stakeholders in the Swedish process for siting a repository. It is recognised that intrusion is not a major concern but that it is regularly raised in the debate, often in connection with issues related to retrievability. It is pointed out that more attention should be paid to the repository performance after an intrusion event, both in safety assessments and in communication with stakeholders, and not only address the immediate impacts to intruders. It is believed that international co-operation would be useful for developing methodologies for defining intrusion scenarios. (author)

How stratospheric are deep stratospheric intrusions? LUAMI 2008

Directory of Open Access Journals (Sweden)

T. Trickl

2016-07-01

Full Text Available A large-scale comparison of water-vapour vertical-sounding instruments took place over central Europe on 17 October 2008, during a rather homogeneous deep stratospheric intrusion event (LUAMI, Lindenberg Upper-Air Methods Intercomparison. The measurements were carried out at four observational sites: Payerne (Switzerland, Bilthoven (the Netherlands, Lindenberg (north-eastern Germany, and the Zugspitze mountain (Garmisch-Partenkichen, German Alps, and by an airborne water-vapour lidar system creating a transect of humidity profiles between all four stations. A high data quality was verified that strongly underlines the scientific findings. The intrusion layer was very dry with a minimum mixing ratios of 0 to 35 ppm on its lower west side, but did not drop below 120 ppm on the higher-lying east side (Lindenberg. The dryness hardens the findings of a preceding study (“Part 1”, Trickl et al., 2014 that, e.g., 73 % of deep intrusions reaching the German Alps and travelling 6 days or less exhibit minimum mixing ratios of 50 ppm and less. These low values reflect values found in the lowermost stratosphere and indicate very slow mixing with tropospheric air during the downward transport to the lower troposphere. The peak ozone values were around 70 ppb, confirming the idea that intrusion layers depart from the lowermost edge of the stratosphere. The data suggest an increase of ozone from the lower to the higher edge of the intrusion layer. This behaviour is also confirmed by stratospheric aerosol caught in the layer. Both observations are in agreement with the idea that sections of the vertical distributions of these constituents in the source region were transferred to central Europe without major change. LAGRANTO trajectory calculations demonstrated a rather shallow outflow from the stratosphere just above the dynamical tropopause, for the first time confirming the conclusions in “Part 1” from the Zugspitze CO observations. The

Association between intrusive negative autobiographical memories and depression: A meta-analytic investigation.

Science.gov (United States)

Mihailova, Stella; Jobson, Laura

2018-02-23

The study investigated several associations between depression and intrusive negative autobiographical memories. A systematic literature search identified 23 eligible studies (N = 2,582), which provided 59 effect sizes. Separate meta-analyses indicated that depression was moderately, positively associated with intrusive memory frequency, memory distress, maladaptive memory appraisals, memory avoidance, and memory rumination. Intrusive memory vividness was not significantly associated with depression. There were insufficient data to examine the relationship between depression and memory vantage perspective. Between-study heterogeneity was high for intrusive memory frequency and memory avoidance, and the percentage of females in studies significantly moderated the relationship between these variables and depression. An additional exploratory meta-analysis (3 studies; N = 257) indicated that intrusive memories were experienced more frequently by those with posttraumatic stress disorder than those with depression. Overall, the findings suggest that intrusive memories warrant clinical attention as they may contribute to the maintenance of depressive symptomatology. Copyright © 2018 John Wiley & Sons, Ltd.

An Analysis of Security System for Intrusion in Smartphone Environment

Directory of Open Access Journals (Sweden)

Maya Louk

2014-01-01

Full Text Available There are many malware applications in Smartphone. Smartphone’s users may become unaware if their data has been recorded and stolen by intruders via malware. Smartphone—whether for business or personal use—may not be protected from malwares. Thus, monitoring, detecting, tracking, and notification (MDTN have become the main purpose of the writing of this paper. MDTN is meant to enable Smartphone to prevent and reduce the number of cybercrimes. The methods are shown to be effective in protecting Smartphone and isolating malware and sending warning in the form of notification to the user about the danger in progress. In particular, (a MDTN process is possible and will be enabled for Smartphone environment. (b The methods are shown to be an advanced security for private sensitive data of the Smartphone user.

An analysis of security system for intrusion in Smartphone environment.

Science.gov (United States)

Louk, Maya; Lim, Hyotaek; Lee, HoonJae

2014-01-01

There are many malware applications in Smartphone. Smartphone's users may become unaware if their data has been recorded and stolen by intruders via malware. Smartphone--whether for business or personal use--may not be protected from malwares. Thus, monitoring, detecting, tracking, and notification (MDTN) have become the main purpose of the writing of this paper. MDTN is meant to enable Smartphone to prevent and reduce the number of cybercrimes. The methods are shown to be effective in protecting Smartphone and isolating malware and sending warning in the form of notification to the user about the danger in progress. In particular, (a) MDTN process is possible and will be enabled for Smartphone environment. (b) The methods are shown to be an advanced security for private sensitive data of the Smartphone user.

Intensively exploited Mediterranean aquifers: resilience and proximity to critical points of seawater intrusion

Science.gov (United States)

Mazi, K.; Koussis, A. D.; Destouni, G.

2013-11-01

We investigate here seawater intrusion in three prominent Mediterranean aquifers that are subject to intensive exploitation and modified hydrologic regimes by human activities: the Nile Delta Aquifer, the Israel Coastal Aquifer and the Cyprus Akrotiri Aquifer. Using a generalized analytical sharp-interface model, we review the salinization history and current status of these aquifers, and quantify their resilience/vulnerability to current and future sea intrusion forcings. We identify two different critical limits of sea intrusion under groundwater exploitation and/or climatic stress: a limit of well intrusion, at which intruded seawater reaches key locations of groundwater pumping, and a tipping point of complete sea intrusion upto the prevailing groundwater divide of a coastal aquifer. Either limit can be reached, and ultimately crossed, under intensive aquifer exploitation and/or climate-driven change. We show that sea intrusion vulnerability for different aquifer cases can be directly compared in terms of normalized intrusion performance curves. The site-specific assessments show that the advance of seawater currently seriously threatens the Nile Delta Aquifer and the Israel Coastal Aquifer. The Cyprus Akrotiri Aquifer is currently somewhat less threatened by increased seawater intrusion.

Intensively exploited Mediterranean aquifers: resilience to seawater intrusion and proximity to critical thresholds

Science.gov (United States)

Mazi, K.; Koussis, A. D.; Destouni, G.

2014-05-01

We investigate seawater intrusion in three prominent Mediterranean aquifers that are subject to intensive exploitation and modified hydrologic regimes by human activities: the Nile Delta, Israel Coastal and Cyprus Akrotiri aquifers. Using a generalized analytical sharp interface model, we review the salinization history and current status of these aquifers, and quantify their resilience/vulnerability to current and future seawater intrusion forcings. We identify two different critical limits of seawater intrusion under groundwater exploitation and/or climatic stress: a limit of well intrusion, at which intruded seawater reaches key locations of groundwater pumping, and a tipping point of complete seawater intrusion up to the prevailing groundwater divide of a coastal aquifer. Either limit can be reached, and ultimately crossed, under intensive aquifer exploitation and/or climate-driven change. We show that seawater intrusion vulnerability for different aquifer cases can be directly compared in terms of normalized intrusion performance curves. The site-specific assessments show that (a) the intruding seawater currently seriously threatens the Nile Delta aquifer, (b) in the Israel Coastal aquifer the sharp interface toe approaches the well location and (c) the Cyprus Akrotiri aquifer is currently somewhat less threatened by increased seawater intrusion.

Nuclear security officer training

International Nuclear Information System (INIS)

Harrington, W.F.

1981-01-01

Training has become complex and precise in today's world of critical review and responsibility. Entrusted to a security officer is the success or demise of large business. In more critical environments the security officer is entrusted with the monitoring and protection of life sensitive systems and devices. The awareness of this high visibility training requirement has been addressed by a limited few. Those involved in the nuclear power industry through dedication and commitment to the American public have without a doubt become leading pioneers in demanding training excellence

BWS Open System Architecture Security Assessment

OpenAIRE

Cristian Ionita

2011-01-01

Business process management systems play a central role in supporting the business operations of medium and large organizations. Because of this the security characteristics of these systems are becoming very important. The present paper describes the BWS architecture used to implement the open process aware information system DocuMentor. Using the proposed platform, the article identifies the security characteristics of such systems, shows the correlation between these characteristics and th...

Hazard Models From Periodic Dike Intrusions at Kı¯lauea Volcano, Hawai`i

Science.gov (United States)

Montgomery-Brown, E. K.; Miklius, A.

2016-12-01

The persistence and regular recurrence intervals of dike intrusions in the East Rift Zone (ERZ) of Kı¯lauea Volcano lead to the possibility of constructing a time-dependent intrusion hazard model. Dike intrusions are commonly observed in Kı¯lauea Volcano's ERZ and can occur repeatedly in regions that correlate with seismic segments (sections of rift seismicity with persistent definitive lateral boundaries) proposed by Wright and Klein (USGS PP1806, 2014). Five such ERZ intrusions have occurred since 1983 with inferred locations downrift of the bend in Kı¯lauea's ERZ, with the first (1983) being the start of the ongoing ERZ eruption. The ERZ intrusions occur on one of two segments that are spatially coincident with seismic segments: Makaopuhi (1993 and 2007) and Nāpau (1983, 1997, and 2011). During each intrusion, the amount of inferred dike opening was between 2 and 3 meters. The times between ERZ intrusions for same-segment pairs are all close to 14 years: 14.07 (1983-1997), 14.09 (1997-2011), and 13.95 (1993-2007) years, with the Nāpau segment becoming active about 3.5 years after the Makaopuhi segment in each case. Four additional upper ERZ intrusions are also considered here. Dikes in the upper ERZ have much smaller opening ( 10 cm), and have shorter recurrence intervals of 8 years with more variability. The amount of modeled dike opening during each of these events roughly corresponds to the amount of seaward south flank motion and deep rift opening accumulated in the time between events. Additionally, the recurrence interval of 14 years appears to be unaffected by the magma surge of 2003-2007, suggesting that flank motion, rather than magma supply, could be a controlling factor in the timing and periodicity of intrusions. Flank control over the timing of magma intrusions runs counter to the historical research suggesting that dike intrusions at Kı¯lauea are driven by magma overpressure. This relatively free sliding may have resulted from decreased

RUSSIA›S COOPERATION WITH THE COUNTRIES OF POST-SOVIET EURASIA IN THE FIELD OF SECURITY