WorldWideScience

Sample records for surveillance target attack

  1. Targeted surveillance for postnatal hearing loss: a program evaluation.

    Science.gov (United States)

    Beswick, Rachael; Driscoll, Carlie; Kei, Joseph; Glennon, Shirley

    2012-07-01

    The importance of monitoring hearing throughout early childhood cannot be understated. However, there is a lack of evidence available regarding the most effective method of monitoring hearing following the newborn screen. The goal of this study was to describe a targeted surveillance program using a risk factor registry to identify children with a postnatal hearing loss. All children who were born in Queensland, Australia between September 2004 and December 2009, received a bilateral 'pass' on newborn hearing screening, and had at least one risk factor, were referred for targeted surveillance and were included in this study. The cohort was assessed throughout early childhood in accordance with Queensland's diagnostic assessment protocols. During the study period, 7320 (2.8% of 261,328) children were referred for targeted surveillance, of which 56 were identified with a postnatal hearing loss (0.77%). Of these, half (50.0%) were identified with a mild hearing loss, and 64.3% were identified with a sensorineural hearing loss. In regards to risk factors, syndrome, craniofacial anomalies, and severe asphyxia had the highest yield of positive cases of postnatal hearing loss for children referred for targeted surveillance, whereas, low birth weight, bacterial meningitis, and professional concern had a particularly low yield. Limitations of the targeted surveillance program were noted and include: (1) a lost contact rate of 32.4%; (2) delays in first surveillance assessment; (3) a large number of children who required on-going monitoring; and (4) extensive diagnostic assessments were completed on children with normal hearing. Examination of the lost contact rate revealed indigenous children were more likely to be documented as lost contact. In addition, children with one risk factor only were significantly more likely to not attend a surveillance appointment. Positive cases of postnatal hearing loss were detected through the targeted surveillance program. However, the

  2. Targeted Attacks Using Vulnerability CVE-2013-3897

    Directory of Open Access Journals (Sweden)

    Anatoliy Petrovich Durakovskiy

    2014-09-01

    This article provides an overview of the malicious code creation and implementation techniques that were used by cyber criminals to conduct targeted attacks on PCs of residents of the Republic of South Korea in September and October 2013.

  3. Defending a single object against an attacker trying to detect a subset of false targets

    International Nuclear Information System (INIS)

    Peng, R.; Zhai, Q.Q.; Levitin, G.

    2016-01-01

    Deployment of false targets can be a very important and effective measure for enhancing the survivability of an object subjected to intentional attacks. Existing papers have assumed that false targets are either perfect or can be detected with a constant probability. In practice, the attacker may allocate part of its budget into intelligence actions trying to detect a subset of false targets. Analogously, the defender can allocate part of its budget into disinformation actions to prevent the false targets from being detected. In this paper, the detection probability of each false target is assumed to be a function of the intelligence and disinformation efforts allocated on the false target. The optimal resource distribution between target identification/disinformation and attack/protection efforts is studied as solutions of a non-cooperative two period min–max game between the two competitors for the case of constrained defense and attack resources.

    Highlights:

    • A defense-attack problem is studied as a two-period min–max game.
    • Both intelligence contest over false targets and impact contest are considered.
    • Optimal defense and attack strategies are investigated with different parameters.

  4. Multiple cyber attacks against a target with observation errors and dependent outcomes: Characterization and optimization

    International Nuclear Information System (INIS)

    Hu, Xiaoxiao; Xu, Maochao; Xu, Shouhuai; Zhao, Peng

    2017-01-01

    In this paper we investigate a cybersecurity model: An attacker can launch multiple attacks against a target with a termination strategy that says that the attacker will stop after observing a number of successful attacks or when the attacker is out of attack resources. However, the attacker's observation of the attack outcomes (i.e., random variables indicating whether the target is compromised or not) has an observation error that is specified by both a false-negative and a false-positive probability. The novelty of the model we study is the accommodation of the dependence between the attack outcomes, because the dependence was assumed away in the literature. In this model, we characterize the monotonicity and bounds of the compromise probability (i.e., the probability that the target is compromised). In addition to extensively showing the impact of dependence on quantities such as compromise probability and attack cost, we give methods for finding the optimal strategy that leads to maximum compromise probability or minimum attack cost. This study highlights that the dependence between random variables cannot be assumed away, because the results will be misleading.

    Highlights:

    • A novel cybersecurity model is proposed to accommodate the dependence among attack outcomes.
    • The monotonicity and bounds of the compromise probability are studied.
    • The dependence effect on the compromise probability and attack cost is discussed via simulation.
    • The optimal strategy that leads to maximum compromise probability or minimum attack cost is presented.

  5. Automated intelligent video surveillance system for ships

    Science.gov (United States)

    Wei, Hai; Nguyen, Hieu; Ramu, Prakash; Raju, Chaitanya; Liu, Xiaoqing; Yadegar, Jacob

    2009-05-01

    To protect naval and commercial ships from attack by terrorists and pirates, it is important to have automatic surveillance systems able to detect, identify, track and alert the crew on small watercrafts that might pursue malicious intentions, while ruling out non-threat entities. Radar systems have limitations on the minimum detectable range and lack high-level classification power. In this paper, we present an innovative Automated Intelligent Video Surveillance System for Ships (AIVS3) as a vision-based solution for ship security. Capitalizing on advanced computer vision algorithms and practical machine learning methodologies, the developed AIVS3 is not only capable of efficiently and robustly detecting, classifying, and tracking various maritime targets, but also able to fuse heterogeneous target information to interpret scene activities, associate targets with levels of threat, and issue the corresponding alerts/recommendations to the man-in-the-loop (MITL). AIVS3 has been tested in various maritime scenarios and shown accurate and effective threat detection performance. By reducing the reliance on human eyes to monitor cluttered scenes, AIVS3 will save the manpower while increasing the accuracy in detection and identification of asymmetric attacks for ship protection.

  6. Shilling Attacks Detection in Recommender Systems Based on Target Item Analysis.

    Science.gov (United States)

    Zhou, Wei; Wen, Junhao; Koh, Yun Sing; Xiong, Qingyu; Gao, Min; Dobbie, Gillian; Alam, Shafiq

    2015-01-01

    Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Attackers who introduce biased ratings in order to affect recommendations, have been shown to negatively affect collaborative filtering (CF) algorithms. Previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles. In this paper, we study the use of statistical metrics to detect rating patterns of attackers and group characteristics in attack profiles. Another question is that most existing detecting methods are model specific. Two metrics, Rating Deviation from Mean Agreement (RDMA) and Degree of Similarity with Top Neighbors (DegSim), are used for analyzing rating patterns between malicious profiles and genuine profiles in attack models. Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach. In order to detect more complicated attack models, we propose a novel metric called DegSim' based on DegSim. The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks.

  7. Shilling Attacks Detection in Recommender Systems Based on Target Item Analysis

    Science.gov (United States)

    Zhou, Wei; Wen, Junhao; Koh, Yun Sing; Xiong, Qingyu; Gao, Min; Dobbie, Gillian; Alam, Shafiq

    2015-01-01

    Recommender systems are highly vulnerable to shilling attacks, both by individuals and groups. Attackers who introduce biased ratings in order to affect recommendations, have been shown to negatively affect collaborative filtering (CF) algorithms. Previous research focuses only on the differences between genuine profiles and attack profiles, ignoring the group characteristics in attack profiles. In this paper, we study the use of statistical metrics to detect rating patterns of attackers and group characteristics in attack profiles. Another question is that most existing detecting methods are model specific. Two metrics, Rating Deviation from Mean Agreement (RDMA) and Degree of Similarity with Top Neighbors (DegSim), are used for analyzing rating patterns between malicious profiles and genuine profiles in attack models. Building upon this, we also propose and evaluate a detection structure called RD-TIA for detecting shilling attacks in recommender systems using a statistical approach. In order to detect more complicated attack models, we propose a novel metric called DegSim’ based on DegSim. The experimental results show that our detection model based on target item analysis is an effective approach for detecting shilling attacks. PMID:26222882

  8. Epidemiology of hepatocellular carcinoma: target population for surveillance and diagnosis.

    Science.gov (United States)

    Tang, An; Hallouch, Oussama; Chernyak, Victoria; Kamaya, Aya; Sirlin, Claude B

    2018-01-01

    Hepatocellular carcinoma (HCC) is the sixth most common cancer and the second leading cause of cancer mortality worldwide. Incidence rates of liver cancer vary widely between geographic regions and are highest in Eastern Asia and sub-Saharan Africa. In the United States, the incidence of HCC has increased since the 1980s. HCC detection at an early stage through surveillance and curative therapy has considerably improved the 5-year survival. Therefore, medical societies advocate systematic screening and surveillance of target populations at particularly high risk for developing HCC to facilitate early-stage detection. Risk factors for HCC include cirrhosis, chronic infection with hepatitis B virus (HBV), hepatitis C virus (HCV), excess alcohol consumption, non-alcoholic fatty liver disease, family history of HCC, obesity, type 2 diabetes mellitus, and smoking. Medical societies utilize risk estimates to define target patient populations in which imaging surveillance is recommended (risk above threshold) or in which the benefits of surveillance are uncertain (risk unknown or below threshold). All medical societies currently recommend screening and surveillance in patients with cirrhosis and subsets of patients with chronic HBV; some societies also include patients with stage 3 fibrosis due to HCV as well as additional groups. Thus, target population definitions vary between regions, reflecting cultural, demographic, economic, healthcare priority, and biological differences. The Liver Imaging Reporting and Data System (LI-RADS) defines different patient populations for surveillance and for diagnosis and staging. We also discuss general trends pertaining to geographic region, age, gender, ethnicity, impact of surveillance on survival, mortality, and future trends.

  9. Real-Time Observation of Target Search by the CRISPR Surveillance Complex Cascade

    Directory of Open Access Journals (Sweden)

    Chaoyou Xue

    2017-12-01

    CRISPR-Cas systems defend bacteria and archaea against infection by bacteriophage and other threats. The central component of these systems are surveillance complexes that use guide RNAs to bind specific regions of foreign nucleic acids, marking them for destruction. Surveillance complexes must locate targets rapidly to ensure timely immune response, but the mechanism of this search process remains unclear. Here, we used single-molecule FRET to visualize how the type I-E surveillance complex Cascade searches DNA in real time. Cascade rapidly and randomly samples DNA through nonspecific electrostatic contacts, pausing at short PAM recognition sites that may be adjacent to the target. We identify Cascade motifs that are essential for either nonspecific sampling or positioning and readout of the PAM. Our findings provide a comprehensive structural and kinetic model for the Cascade target-search mechanism, revealing how CRISPR surveillance complexes can rapidly search large amounts of genetic material en route to target recognition.

  10. Surveillance and threat detection prevention versus mitigation

    CERN Document Server

    Kirchner, Richard

    2014-01-01

    Surveillance and Threat Detection offers readers a complete understanding of the terrorist/criminal cycle, and how to interrupt that cycle to prevent an attack. Terrorists and criminals often rely on pre-attack and pre-operational planning and surveillance activities that can last a period of weeks, months, or even years. Identifying and disrupting this surveillance is key to prevention of attacks. The systematic capture of suspicious events and the correlation of those events can reveal terrorist or criminal surveillance, allowing security professionals to employ appropriate countermeasures and identify the steps needed to apprehend the perpetrators. The results will dramatically increase the probability of prevention while streamlining protection assets and costs. Readers of Surveillance and Threat Detection will draw from real-world case studies that apply to their real-world security responsibilities. Ultimately, readers will come away with an understanding of how surveillance detection at a high-value, f...

  11. Detection of attack-targeted scans from the Apache HTTP Server access logs

    Directory of Open Access Journals (Sweden)

    Merve Baş Seyyar

    2018-01-01

    A web application could be visited for different purposes. It is possible for a web site to be visited by a regular user as a normal (natural) visit, to be viewed by crawlers, bots, spiders, etc. for indexing purposes, lastly to be exploratory scanned by malicious users prior to an attack. An attack targeted web scan can be viewed as a phase of a potential attack and can lead to more attack detection as compared to traditional detection methods. In this work, we propose a method to detect attack-oriented scans and to distinguish them from other types of visits. In this context, we use access log files of Apache (or IIS) web servers and try to determine attack situations through examination of the past data. In addition to web scan detections, we insert a rule set to detect SQL Injection and XSS attacks. Our approach has been applied on sample data sets and results have been analyzed in terms of performance measures to compare our method and other commonly used detection techniques. Furthermore, various tests have been made on log samples from real systems. Lastly, several suggestions about further development have been also discussed.

  12. Improved Deep Belief Networks (IDBN) Dynamic Model-Based Detection and Mitigation for Targeted Attacks on Heavy-Duty Robots

    Directory of Open Access Journals (Sweden)

    Lianpeng Li

    2018-04-01

    In recent years, the robots, especially heavy-duty robots, have become the hardest-hit areas for targeted attacks. These attacks come from both the cyber-domain and the physical-domain. In order to improve the security of heavy-duty robots, this paper proposes a detection and mitigation mechanism which is based on improved deep belief networks (IDBN) and dynamic model. The detection mechanism consists of two parts: (1) IDBN security checks, which can detect targeted attacks from the cyber-domain; (2) Dynamic model and security detection, used to detect the targeted attacks which can possibly lead to a physical-domain damage. The mitigation mechanism was established on the base of the detection mechanism and could mitigate transient and discontinuous attacks. Moreover, a test platform was established to carry out the performance evaluation test for the proposed mechanism. The results show that the detection accuracy for the attack of the cyber-domain of IDBN reaches 96.2%, and the detection accuracy for the attack of physical-domain control commands reaches 94%. The performance evaluation test has verified the reliability and high efficiency of the proposed detection and mitigation mechanism for heavy-duty robots.

  13. Target tracking and surveillance by fusing stereo and RFID information

    Science.gov (United States)

    Raza, Rana H.; Stockman, George C.

    2012-06-01

    Ensuring security in high risk areas such as an airport is an important but complex problem. Effectively tracking personnel, containers, and machines is a crucial task. Moreover, security and safety require understanding the interaction of persons and objects. Computer vision (CV) has been a classic tool; however, variable lighting, imaging, and random occlusions present difficulties for real-time surveillance, resulting in erroneous object detection and trajectories. Determining object ID via CV at any instance of time in a crowded area is computationally prohibitive, yet the trajectories of personnel and objects should be known in real time. Radio Frequency Identification (RFID) can be used to reliably identify target objects and can even locate targets at coarse spatial resolution, while CV provides fuzzy features for target ID at finer resolution. Our research demonstrates benefits obtained when most objects are "cooperative" by being RFID tagged. Fusion provides a method to simplify the correspondence problem in 3D space. A surveillance system can query for unique object ID as well as tag ID information, such as target height, texture, shape and color, which can greatly enhance scene analysis. We extend geometry-based tracking so that intermittent information on ID and location can be used in determining a set of trajectories of N targets over T time steps. We show that partial-target information obtained through RFID can reduce computation time (by 99.9% in some cases) and also increase the likelihood of producing correct trajectories. We conclude that real-time decision-making should be possible if the surveillance system can integrate information effectively between the sensor level and activity understanding level.

  14. ATTACK WARNING: Costs to Modernize NORAD's Computer System Significantly Understated

    National Research Council Canada - National Science Library

    Cross, F

    1991-01-01

    ...) Integrated Tactical Warning and Attack Assessment (ITW/AA) system. These subsystems provide critical strategic surveillance and attack warning and assessment information to United States and Canadian leaders...

  15. Defense and attack of complex and dependent systems

    International Nuclear Information System (INIS)

    Hausken, Kjell

    2010-01-01

    A framework is constructed for how to analyze the strategic defense of an infrastructure subject to attack by a strategic attacker. Merging operations research, reliability theory, and game theory for optimal analytical impact, the optimization program for the defender and attacker is specified. Targets can be in parallel, series, combined series-parallel, complex, k-out-of-n redundancy, independent, interdependent, and dependent. The defender and attacker determine how much to invest in defending versus attacking each of multiple targets. A target can have economic, human, and symbolic values, subjectively assessed by the defender and attacker. A contest success function determines the probability of a successful attack on each target, dependent on the investments by the defender and attacker into each target, and on characteristics of the contest. The defender minimizes the expected damage plus the defense costs. The attacker maximizes the expected damage minus the attack costs. Each agent is concerned about how his investments vary across the targets, and the impact on his utilities. Interdependent systems are analyzed where the defense and attack on one target impacts all targets. Dependent systems are analyzed applying Markov analysis and repeated games where a successful attack on one target in the first period impacts the unit costs of defense and attack, and the contest intensity, for the other target in the second period.

  16. Defense and attack of complex and dependent systems

    Energy Technology Data Exchange (ETDEWEB)

    Hausken, Kjell, E-mail: kjell.hausken@uis.n [Faculty of Social Sciences, University of Stavanger, N-4036 Stavanger (Norway)

    2010-01-15

    A framework is constructed for how to analyze the strategic defense of an infrastructure subject to attack by a strategic attacker. Merging operations research, reliability theory, and game theory for optimal analytical impact, the optimization program for the defender and attacker is specified. Targets can be in parallel, series, combined series-parallel, complex, k-out-of-n redundancy, independent, interdependent, and dependent. The defender and attacker determine how much to invest in defending versus attacking each of multiple targets. A target can have economic, human, and symbolic values, subjectively assessed by the defender and attacker. A contest success function determines the probability of a successful attack on each target, dependent on the investments by the defender and attacker into each target, and on characteristics of the contest. The defender minimizes the expected damage plus the defense costs. The attacker maximizes the expected damage minus the attack costs. Each agent is concerned about how his investments vary across the targets, and the impact on his utilities. Interdependent systems are analyzed where the defense and attack on one target impacts all targets. Dependent systems are analyzed applying Markov analysis and repeated games where a successful attack on one target in the first period impacts the unit costs of defense and attack, and the contest intensity, for the other target in the second period.

  17. Robustness of Dengue Complex Network under Targeted versus Random Attack

    Directory of Open Access Journals (Sweden)

    Hafiz Abid Mahmood Malik

    2017-01-01

    Dengue virus infection is one of those epidemic diseases that require much consideration in order to save the humankind from its unsafe impacts. According to the World Health Organization (WHO), 3.6 billion individuals are at risk because of the dengue virus sickness. Researchers are striving to comprehend the dengue threat. This study is a little commitment to those endeavors. To observe the robustness of the dengue network, we uprooted the links between nodes randomly and targeted by utilizing different centrality measures. The outcomes demonstrated that 5% targeted attack is equivalent to the result of 65% random assault, which showed the topology of this complex network validated a scale-free network instead of random network. Four centrality measures (Degree, Closeness, Betweenness, and Eigenvector) have been ascertained to look for focal hubs. It has been observed through the results in this study that robustness of a node and links depends on topology of the network. The dengue epidemic network presented robust behaviour under random attack, and this network turned out to be more vulnerable when the hubs of higher degree have higher probability to fail. Moreover, representation of this network has been projected, and hub removal impact has been shown on the real map of Gombak (Malaysia).

  18. Maritime target and sea clutter measurements with a coherent Doppler polarimetric surveillance radar

    NARCIS (Netherlands)

    Smith, A.J.E.; Gelsema, S.J.; Kester, L.J.H.M.; Melief, H.W.; Premel Cabic, G.; Theil, A.; Woudenberg, E.

    2002-01-01

    Doppler polarimetry in a surveillance radar for the maritime surface picture is considered. This radar must be able to detect low-RCS targets in littoral environments. Measurements on such targets have been conducted with a coherent polarimetric measurement radar in March 2001 and preliminary

  19. Error Analysis of Fast Moving Target Geo-location in Wide Area Surveillance Ground Moving Target Indication Mode

    Directory of Open Access Journals (Sweden)

    Zheng Shi-chao

    2013-12-01

    As an important mode in airborne radar systems, Wide Area Surveillance Ground Moving Target Indication (WAS-GMTI) mode has the ability of monitoring a large area in a short time, and then the detected moving targets can be located quickly. However, in real environment, many factors introduce considerable errors into the location of moving targets. In this paper, a fast location method based on the characteristics of the moving targets in WAS-GMTI mode is utilized. And in order to improve the location performance, those factors that introduce location errors are analyzed and moving targets are relocated. Finally, the analysis of those factors is proved to be reasonable by simulation and real data experiments.

  20. A Defender-Attacker Optimization of Port Radar Surveillance

    Science.gov (United States)

    2011-01-01

    security; optimization; attacker-defender “And thence discover how with most advantage They may vex us with shot, or with assault.” Shakespeare, King Henry VI... 1. INTRODUCTION We introduce a new planning tool for locating shore radars and mobile picket boats with radar to maximize the probability that one

  1. Estimating infection attack rates and severity in real time during an influenza pandemic: analysis of serial cross-sectional serologic surveillance data.

    Directory of Open Access Journals (Sweden)

    Joseph T Wu

    2011-10-01

    In an emerging influenza pandemic, estimating severity (the probability of a severe outcome, such as hospitalization, if infected) is a public health priority. As many influenza infections are subclinical, sero-surveillance is needed to allow reliable real-time estimates of infection attack rate (IAR) and severity. We tested 14,766 sera collected during the first wave of the 2009 pandemic in Hong Kong using viral microneutralization. We estimated IAR and infection-hospitalization probability (IHP) from the serial cross-sectional serologic data and hospitalization data. Had our serologic data been available weekly in real time, we would have obtained reliable IHP estimates 1 wk after, 1-2 wk before, and 3 wk after epidemic peak for individuals aged 5-14 y, 15-29 y, and 30-59 y. The ratio of IAR to pre-existing seroprevalence, which decreased with age, was a major determinant for the timeliness of reliable estimates. If we began sero-surveillance 3 wk after community transmission was confirmed, with 150, 350, and 500 specimens per week for individuals aged 5-14 y, 15-19 y, and 20-29 y, respectively, we would have obtained reliable IHP estimates for these age groups 4 wk before the peak. For 30-59 y olds, even 800 specimens per week would not have generated reliable estimates until the peak because the ratio of IAR to pre-existing seroprevalence for this age group was low. The performance of serial cross-sectional sero-surveillance substantially deteriorates if test specificity is not near 100% or pre-existing seroprevalence is not near zero. These potential limitations could be mitigated by choosing a higher titer cutoff for seropositivity. If the epidemic doubling time is longer than 6 d, then serial cross-sectional sero-surveillance with 300 specimens per week would yield reliable estimates when IAR reaches around 6%-10%. Serial cross-sectional serologic data together with clinical surveillance data can allow reliable real-time estimates of IAR and

  2. Blocking of Brute Force Attack

    OpenAIRE

    M.Venkata Krishna Reddy

    2012-01-01

    A common threat Web developers face is a password-guessing attack known as a brute-force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works. If your Web site requires user authentication, you are a good target for a brute-force attack. An attacker can always discover a password through a brute-force attack, but the downside is that it co...

  3. Impact modeling and prediction of attacks on cyber targets

    Science.gov (United States)

    Khalili, Aram; Michalk, Brian; Alford, Lee; Henney, Chris; Gilbert, Logan

    2010-04-01

    In most organizations, IT (information technology) infrastructure exists to support the organization's mission. The threat of cyber attacks poses risks to this mission. Current network security research focuses on the threat of cyber attacks to the organization's IT infrastructure; however, the risks to the overall mission are rarely analyzed or formalized. This connection of IT infrastructure to the organization's mission is often neglected or carried out ad-hoc. Our work bridges this gap and introduces analyses and formalisms to help organizations understand the mission risks they face from cyber attacks. Modeling an organization's mission vulnerability to cyber attacks requires a description of the IT infrastructure (network model), the organization mission (business model), and how the mission relies on IT resources (correlation model). With this information, proper analysis can show which cyber resources are of tactical importance in a cyber attack, i.e., controlling them enables a large range of cyber attacks. Such analysis also reveals which IT resources contribute most to the organization's mission, i.e., lack of control over them gravely affects the mission. These results can then be used to formulate IT security strategies and explore their trade-offs, which leads to better incident response. This paper presents our methodology for encoding IT infrastructure, organization mission and correlations, our analysis framework, as well as initial experimental results and conclusions.

  4. Ethnic Differences in Poststroke Quality of Life in the Brain Attack Surveillance in Corpus Christi (BASIC) Project.

    Science.gov (United States)

    Reeves, Sarah L; Brown, Devin L; Baek, Jonggyu; Wing, Jeffrey J; Morgenstern, Lewis B; Lisabeth, Lynda D

    2015-10-01

    Mexican Americans (MAs) have an increased risk of stroke and experience worse poststroke disability than non-Hispanic whites, which may translate into worse poststroke quality of life (QOL). We assessed ethnic differences in poststroke QOL, as well as potential modification of associations by age, sex, and initial stroke severity. Ischemic stroke survivors were identified through the biethnic, population-based Brain Attack Surveillance in Corpus Christi (BASIC) Project. Data were collected from medical records, baseline interviews, and 90-day poststroke interviews. Poststroke QOL was measured at ≈90 days by the validated short-form stroke-specific QOL in 3 domains: overall, physical, and psychosocial (range, 0-5; higher scores represent better QOL). Tobit regression was used to model associations between ethnicity and poststroke QOL scores, adjusted for demographics, clinical characteristics, and prestroke cognition and function. Among 290 eligible stroke survivors (66% MA, 34% non-Hispanic whites, median age=69 years), median scores for overall, physical, and psychosocial poststroke QOL were 3.3, 3.8, and 2.7, respectively. Poststroke QOL was lower for MAs than non-Hispanic whites both overall (mean difference, -0.30; 95% confidence interval, -0.59, -0.01) and in the physical domain (mean difference, -0.47; 95% confidence interval, -0.81, -0.14) after multivariable adjustment. No ethnic difference was found in the psychosocial domain. Age modified the associations between ethnicity and poststroke QOL such that differences were present in older but not in younger ages. Disparities exist in poststroke QOL for MAs and seem to be driven by differences in older stroke patients. Targeted interventions to improve outcomes among MA stroke survivors are urgently needed. © 2015 American Heart Association, Inc.

  5. Armed Deterrence: Countering Soft Target Attacks

    Science.gov (United States)

    2016-02-06

    offer no security. With over 17,430 such geographically separated military sites across the United States, these fatal shootings by a Kuwaiti-born ...increasing trend and the carnage that IS sympathizers can unleash. This coordinated attack on a concert hall, a soccer stadium, and restaurant

  6. Classifying network attack scenarios using an ontology

    CSIR Research Space (South Africa)

    Van Heerden, RP

    2012-03-01

    Full Text Available ) or to the target's reputation. The Residue sub-phase refers to damage or artefacts of the attack that occur after the attack goal has been achieved, and occurs because the attacker loses control of some systems. For example after the launch of a DDOS..., A. (1995). Hacking theft of $10 million from citibank revealed. Retrieved 10/10, 2011, from http://articles.latimes.com/1995-08-19/business/fi-36656_1_citibank-system Hurley, E. (2004). SCO site succumbs to DDoS attack. Retrieved 10/10, 2011, from...

  7. Method for prejudging intention of warship to attack air target

    Directory of Open Access Journals (Sweden)

    ZHAO Handong

    2018-02-01

    Full Text Available [Objectives] This paper proposes a heterogeneous integrated learner to solve the problem of fuzzy uncertainty classification in order to judge the target intention of air attack in a short time. [Methods] First, a limit learning machine, decision tree, Skohonen neural network and LVQ neural network are selected to construct the heterogeneous integrated learner using the integrated learning strategy. Next, the training program is trained 100 times using the integrated learner to obtain the classification experiment average accuracy and calculation time. In order to improve the accuracy, integrated pruning is carried out to eliminate the "poor quality" LVQ neural network, and a more efficient heterogeneous integrated learner is reconstructed. The experimental results are extremely accurate but the calculation is time-consuming. In this paper, the Skohonen neural network sub-classifier is proposed as an "offline training and online call". [Results] Simulation experiments show that the time consumed from detecting the air targets to prejudging the intention of each incoming target is 4.972 s with an accuracy of 99.93%, which is excellent for meeting accuracy and real-time requirements. [Conclusions] This study provides a new and effective method for air defense decision-making. The method used in this paper also provides a better way of realizing the classification problem of small samples.

  8. Factors affecting ambulance utilization for asthma attack treatment: understanding where to target interventions.

    Science.gov (United States)

    Raun, L H; Ensor, K B; Campos, L A; Persse, D

    2015-05-01

    Asthma is a serious, sometimes fatal condition, in which attacks vary in severity, potentially requiring emergency medical services (EMS) ambulance treatment. A portion of asthma attacks requiring EMS ambulance treatment may be prevented with improved education and access to care. The aim of this study was to identify areas of the city with high rates of utilization of EMS ambulance for treatment, and the demographics, socio-economic status, and time of day associated with these rates, to better target future interventions to prevent emergencies and reduce cost. A cross-sectional study was conducted on individuals in Houston, TX (USA) requiring ambulance treatment for asthma attacks from 2004 to 2011. 12,155 EMS ambulance-treated asthma attack cases were linked to census tracts. High rate treatment areas were identified with geospatial mapping. Census tract demographic characteristics of these high rate areas were compared with the remainder of the city using logistic regression. The association between case level demographics and the time of day of asthma attack within the high rate area was also assessed with logistic regression. EMS ambulance-treated high rate areas were identified and found to have a utilization incidence rate over six times higher per 100,000 people than the remainder of the city. There is an increased risk of location in this high rate area with a census tract level increase of percent of population: earning less than $10,000 yearly income (RR 1.21, 1.16-1.26), which is black (RR 1.08, 1.07-1.10), which is female (RR 1.34, 1.20-1.49) and have obtained less than a high school degree (RR 1.02, 1.01-1.03). Within the high rate area, case level data indicates an increased risk of requiring an ambulance after normal doctor office hours for men compared with women (RR 1.13, 1.03-1.22), for black compared with Hispanic ethnicity (RR 1.31, 1.08-1.59), or for adults (less than 41 and greater than 60) compared with children. Interventions to prevent

  9. Forensics Investigation of Web Application Security Attacks

    OpenAIRE

    Amor Lazzez; Thabet Slimani

    2015-01-01

    Nowadays, web applications are popular targets for security attackers. Using specific security mechanisms, we can prevent or detect a security attack on a web application, but we cannot find out the criminal who has carried out the security attack. Being unable to trace back an attack, encourages hackers to launch new attacks on the same system. Web application forensics aims to trace back and attribute a web application security attack to its originator. This may significantly reduce the sec...

  10. DoS attacks targeting SIP server and improvements of robustness

    OpenAIRE

    Vozňák, Miroslav; Šafařík, Jakub

    2012-01-01

    The paper describes the vulnerability of SIP servers to DoS attacks and methods for server protection. For each attack, this paper describes their impact on a SIP server, evaluation of the threat and the way in which they are executed. Attacks are described in detail, and a security precaution is made to prevent each of them. The proposed solution of the protection is based on a specific topology of an intrusion protection systems components consisting of a combination of...

  11. Malware Analysis: From Large-Scale Data Triage to Targeted Attack Recognition (Dagstuhl Seminar 17281)

    OpenAIRE

    Zennou, Sarah; Debray, Saumya K.; Dullien, Thomas; Lakhothia, Arun

    2018-01-01

    This report summarizes the program and the outcomes of the Dagstuhl Seminar 17281, entitled "Malware Analysis: From Large-Scale Data Triage to Targeted Attack Recognition". The seminar brought together practitioners and researchers from industry and academia to discuss the state of the art in the analysis of malware from both a big data perspective and a fine-grained analysis. Obfuscation was also considered. The meeting created new links within this very diverse community.

  12. Do obese adults have a higher risk of asthma attack when exposed to indoor mold? A study based on the 2005 Behavioral Risk Factor Surveillance System.

    Science.gov (United States)

    Wen, Xiao-Jun; Balluz, Lina; Mokdad, Ali

    2009-01-01

    Some studies show an association between asthma and obesity, but it is unknown whether exposure to mold will increase the risk of asthma attacks among obese people. This study examined whether obese adults have a higher risk of asthma attacks than non-obese adults when exposed to indoor mold. We used data from the 2005 Behavioral Risk Factor Surveillance System to conduct a cross-sectional analysis among 9,668 respondents who reported exposure to indoor mold. With exposure to indoor mold, weighted prevalence of asthma attacks among obese respondents was 11.4% (95% confidence interval [CI] 6.0, 20.6), which was 2.3 times as high as among the exposed non-obese respondents (5.0%, 95% CI 2.8, 8.8). This ratio was almost the same as the ratio of 2.0:1 between the obese respondents (5.7%, 95% CI 4.6, 7.2) and the non-obese respondents (2.8%, 95% CI 2.3, 3.9) when neither group had exposure to mold. The odds ratio of asthma attack among obese people was 3.10 (95% CI 1.10, 8.67) for those with exposure to mold and 2.21 (95% CI 1.54, 3.17) for those without exposure to mold after adjusting for age, sex, race/ethnicity, and smoking status. Our study suggests that obese adults who have been exposed to indoor mold may not necessarily have a higher risk of asthma attack than obese adults who have not been exposed, even though obesity and exposure to indoor mold are both major risk factors for asthma attack. Medical professionals should not only incorporate weight-control or weight-reduction measures as the components of asthma treatment plans, but also advise asthma patients to avoid exposure to indoor mold.

  13. Epidemiological findings of major chemical attacks in the Syrian war are consistent with civilian targeting: a short report.

    Science.gov (United States)

    Rodriguez-Llanes, Jose M; Guha-Sapir, Debarati; Schlüter, Benjamin-Samuel; Hicks, Madelyn Hsiao-Rei

    2018-01-01

    Evidence of use of toxic gas chemical weapons in the Syrian war has been reported by governmental and non-governmental international organizations since the war started in March 2011. To date, the profiles of victims of the largest chemical attacks in Syria remain unknown. In this study, we used descriptive epidemiological analysis to describe demographic characteristics of victims of the largest chemical weapons attacks in the Syrian war. We analysed conflict-related, direct deaths from chemical weapons recorded in non-government-controlled areas by the Violation Documentation Center, occurring from March 18, 2011 to April 10, 2017, with complete information on the victim's date and place of death, cause and demographic group. 'Major' chemical weapons events were defined as events causing ten or more direct deaths. As of April 10, 2017, a total of 1206 direct deaths meeting inclusion criteria were recorded in the dataset from all chemical weapons attacks regardless of size. Five major chemical weapons attacks caused 1084 of these documented deaths. Civilians comprised the majority (n = 1058, 97.6%) of direct deaths from major chemical weapons attacks in Syria and combatants comprised a minority of 2.4% (n = 26). In the first three major chemical weapons attacks, which occurred in 2013, children comprised 13%-14% of direct deaths, ranging in numbers from 2 deaths among 14 to 117 deaths among 923. Children comprised higher proportions of direct deaths in later major chemical weapons attacks, forming 21% (n = 7) of 33 deaths in the 2016 major attack and 34.8% (n = 32) of 92 deaths in the 2017 major attack. Our finding of an extreme disparity in direct deaths from major chemical weapons attacks in Syria, with 97.6% of victims being civilians and only 2.4% being combatants provides evidence that major chemical weapons attacks were indiscriminate or targeted civilians directly; both violations of International Humanitarian Law (IHL). Identifying and

  14. An SDN-Based Fingerprint Hopping Method to Prevent Fingerprinting Attacks

    Directory of Open Access Journals (Sweden)

    Zheng Zhao

    2017-01-01

    Full Text Available Fingerprinting attacks are one of the most severe threats to the security of networks. Fingerprinting attack aims to obtain the operating system information of target hosts to make preparations for future attacks. In this paper, a fingerprint hopping method (FPH) is proposed based on software-defined networks to defend against fingerprinting attacks. FPH introduces the idea of moving target defense to show a hopping fingerprint toward the fingerprinting attackers. The interaction of the fingerprinting attack and its defense is modeled as a signal game, and the equilibriums of the game are analyzed to develop an optimal defense strategy. Experiments show that FPH can resist fingerprinting attacks effectively.

  15. Gray Matter Is Targeted in First-Attack Multiple Sclerosis

    Energy Technology Data Exchange (ETDEWEB)

    Schutzer, Steven E.; Angel, Thomas E.; Liu, Tao; Schepmoes, Athena A.; Xie, Fang; Bergquist, Jonas P.; Vecsei, Lazlo; Zadori, Denes; Camp, David G.; Holland, Bart K.; Smith, Richard D.; Coyle, Patricia K.

    2013-09-10

    The cause of multiple sclerosis (MS), its driving pathogenesis at the earliest stages, and what factors allow the first clinical attack to manifest remain unknown. Some imaging studies suggest gray rather than white matter may be involved early, and some postulate this may be predictive of developing MS. Other imaging studies are in conflict. To determine if there was objective molecular evidence of gray matter involvement in early MS we used high-resolution mass spectrometry to identify proteins in the cerebrospinal fluid (CSF) of first-attack MS patients (two independent groups) compared to established relapsing remitting (RR) MS and controls. We found that the CSF proteins in first-attack patients were differentially enriched for gray matter components (axon, neuron, synapse). Myelin components did not distinguish these groups. The results support that gray matter dysfunction is involved early in MS, and also may be integral for the initial clinical presentation.

  16. Multi-Layer Approach for the Detection of Selective Forwarding Attacks.

    Science.gov (United States)

    Alajmi, Naser; Elleithy, Khaled

    2015-11-19

    Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable.

  17. Multi-Layer Approach for the Detection of Selective Forwarding Attacks

    Directory of Open Access Journals (Sweden)

    Naser Alajmi

    2015-11-01

    Full Text Available Security breaches are a major threat in wireless sensor networks (WSNs). WSNs are increasingly used due to their broad range of important applications in both military and civilian domains. WSNs are prone to several types of security attacks. Sensor nodes have limited capacities and are often deployed in dangerous locations; therefore, they are vulnerable to different types of attacks, including wormhole, sinkhole, and selective forwarding attacks. Security attacks are classified as data traffic and routing attacks. These security attacks could affect the most significant applications of WSNs, namely, military surveillance, traffic monitoring, and healthcare. Therefore, there are different approaches to detecting security attacks on the network layer in WSNs. Reliability, energy efficiency, and scalability are strong constraints on sensor nodes that affect the security of WSNs. Because sensor nodes have limited capabilities in most of these areas, selective forwarding attacks cannot be easily detected in networks. In this paper, we propose an approach to selective forwarding detection (SFD). The approach has three layers: MAC pool IDs, rule-based processing, and anomaly detection. It maintains the safety of data transmission between a source node and base station while detecting selective forwarding attacks. Furthermore, the approach is reliable, energy efficient, and scalable.

  18. Attacker-defender game from a network science perspective

    Science.gov (United States)

    Li, Ya-Peng; Tan, Suo-Yi; Deng, Ye; Wu, Jun

    2018-05-01

    Dealing with the protection of critical infrastructures, many game-theoretic methods have been developed to study the strategic interactions between defenders and attackers. However, most game models ignore the interrelationship between different components within a certain system. In this paper, we propose a simultaneous-move attacker-defender game model, which is a two-player zero-sum static game with complete information. The strategies and payoffs of this game are defined on the basis of the topology structure of the infrastructure system, which is represented by a complex network. Due to the complexity of strategies, the attack and defense strategies are confined by two typical strategies, namely, targeted strategy and random strategy. The simulation results indicate that in a scale-free network, the attacker virtually always attacks randomly in the Nash equilibrium. With a small cost-sensitive parameter, representing the degree to which costs increase with the importance of a target, the defender protects the hub targets with large degrees preferentially. When the cost-sensitive parameter exceeds a threshold, the defender switches to protecting nodes randomly. Our work provides a new theoretical framework to analyze the confrontations between the attacker and the defender on critical infrastructures and deserves further study.

  19. Exploiting Small Leakages in Masks to Turn a Second-Order Attack into a First-Order Attack and Improved Rotating Substitution Box Masking with Linear Code Cosets

    Science.gov (United States)

    DeTrano, Alexander; Karimi, Naghmeh; Karri, Ramesh; Guo, Xiaofei; Carlet, Claude; Guilley, Sylvain

    2015-01-01

    Masking countermeasures, used to thwart side-channel attacks, have been shown to be vulnerable to mask-extraction attacks. State-of-the-art mask-extraction attacks on the Advanced Encryption Standard (AES) algorithm target S-Box recomputation schemes but have not been applied to scenarios where S-Boxes are precomputed offline. We propose an attack targeting precomputed S-Boxes stored in nonvolatile memory. Our attack targets AES implemented in software protected by a low entropy masking scheme and recovers the masks with 91% success rate. Recovering the secret key requires fewer power traces (in fact, by at least two orders of magnitude) compared to a classical second-order attack. Moreover, we show that this attack remains viable in a noisy environment or with a reduced number of leakage points. Eventually, we specify a method to enhance the countermeasure by selecting a suitable coset of the masks set. PMID:26491717

  20. A computer network attack taxonomy and ontology

    CSIR Research Space (South Africa)

    Van Heerden, RP

    2012-01-01

    Full Text Available of the attack that occur after the attack goal has been achieved, and occurs because the attacker loses control of some systems. For example, after the launch of a DDOS (Distributed Denial of Service) attack, zombie computers may still connect to the target...-scrap- value-of-a-hacked-pc-revisited/ . Lancor, L., & Workman, R. (2007). Using Google Hacking to Enhance Defense Strategies. ACM SIGCSE Bulletin, 39 (1), 491-495. Lau, F., Rubin, S. H., Smith, M. H., & Trajkovic, L. (2000). Distributed Denial of Service...

  1. Is it wise to protect false targets?

    International Nuclear Information System (INIS)

    Levitin, Gregory; Hausken, Kjell

    2011-01-01

    The paper considers a system consisting of genuine elements and false targets that cannot be distinguished by the attacker's observation. The false targets can be destroyed with much less effort than the genuine elements. We show that even when an attacker cannot distinguish between the genuine elements and the false targets, in many cases it can enhance the attack efficiency using a double attack strategy in which it tries first to eliminate with minimal effort as many false targets as possible in the first attack and then distributes its entire remaining resource among all surviving targets in the second attack. The model for evaluating the system vulnerability in the double attack is suggested for a single genuine element, and multiple genuine elements configured in parallel or in series. This model assumes that in both attacks the attacking resource is distributed evenly among the attacked targets. The defender can optimize its limited resource distribution between deploying more false targets and protecting them better. The attacker can optimize its limited resource distribution between two attacks. The defense strategy is analyzed based on a two period minmax game. A numerical procedure is suggested that allows the defender to find the optimal resource distribution between deploying and protecting the false targets. The methodology of optimal attack and defense strategies analysis is demonstrated. It is shown that protecting the false targets may reduce the efficiency of the double attack strategy and make this strategy ineffective in situations with low contest intensity and few false targets. - Highlights: ► The efficiency of the double attack tactics against using false targets is analyzed. ► The role of the false target protection in system survivability enhancement is shown. ► The resource distribution between deploying more false targets and protecting them better is optimized. ► Both series and parallel systems are considered.

  2. Collaborative Attack Mitigation and Response: A survey

    NARCIS (Netherlands)

    Steinberger, Jessica; Sperotto, Anna; Baier, Harald; Pras, Aiko

    2015-01-01

    Over recent years, network-based attacks have become one of the top causes of network infrastructure and service outages. To counteract a network-based attack, an approach is to move mitigation from the target network to the networks of Internet Service Providers (ISP). However, it remains

  3. Is it wise to leave some false targets unprotected?

    International Nuclear Information System (INIS)

    Levitin, Gregory; Hausken, Kjell

    2013-01-01

    The paper considers a system consisting of genuine elements and false targets that cannot be distinguished by the attacker's observation. The false targets can be destroyed with much less effort than the genuine elements. To enhance the attack efficiency the attacker uses a double attack strategy in which it tries first to eliminate with optimal effort as many false targets as possible in the first attack and then distributes its entire remaining resource among all surviving targets in the second attack. It is assumed that the defender can protect some of the false targets whereas the attacker attacks all targets it can observe. In both attacks the attacking resource is distributed evenly among the attacked targets. The model for evaluating the system vulnerability in the double attack is suggested for parallel and series systems. This model considers the cases of perfect and imperfect detection of the targets destroyed in the first attack. The defense strategy is analyzed based on a two period minmax game. The methodology of optimal attack and defense strategies analysis is demonstrated. It is shown that under certain conditions (high contest intensity, scarce defense resource, low FT cost, high probability of wrong identification of destroyed targets by the attacker) the defender benefits from protecting a subset of the false targets. An algorithm for determining the optimal number of false targets that should be protected is suggested

  4. USBcat - Towards an Intrusion Surveillance Toolset

    Directory of Open Access Journals (Sweden)

    Chris Chapman

    2014-10-01

    Full Text Available This paper identifies an intrusion surveillance framework which provides an analyst with the ability to investigate and monitor cyber-attacks in a covert manner. Where cyber-attacks are perpetrated for the purposes of espionage the ability to understand an adversary's techniques and objectives are an important element in network and computer security. With the appropriate toolset, security investigators would be permitted to perform both live and stealthy counter-intelligence operations by observing the behaviour and communications of the intruder. Subsequently a more complete picture of the attacker's identity, objectives, capabilities, and infiltration could be formulated than is possible with present technologies. This research focused on developing an extensible framework to permit the covert investigation of malware. Additionally, a Universal Serial Bus (USB) Mass Storage Device (MSD) based covert channel was designed to enable remote command and control of the framework. The work was validated through the design, implementation and testing of a toolset.

  5. The importance of being urgent: The impact of surveillance target and scale on mosquito-borne disease control

    Directory of Open Access Journals (Sweden)

    Samantha R. Schwab

    2018-06-01

    Full Text Available With the emergence or re-emergence of numerous mosquito-borne diseases in recent years, effective methods for emergency vector control responses are necessary to reduce human infections. Current vector control practices often vary significantly between different jurisdictions, and are executed independently and at different spatial scales. Various types of surveillance information (e.g. number of human infections or adult mosquitoes) trigger the implementation of control measures, though the target and scale of surveillance vary locally. This patchy implementation of control measures likely alters the efficacy of control. We modeled six different scenarios, with larval mosquito control occurring in response to surveillance data of different types and at different scales (e.g. across the landscape or in each patch). Our results indicate that: earlier application of larvicide after an escalation of disease risk achieves much greater reductions in human infections than later control implementation; uniform control across the landscape provides better outbreak mitigation than patchy control application; and different types of surveillance data require different levels of sensitivity in their collection to effectively inform control measures. Our simulations also demonstrate a potential logical fallacy of reactive, surveillance-driven vector control: measures stop being implemented as soon as they are deemed effective. This false sense of security leads to patchier control efforts that will do little to curb the size of future vector-borne disease outbreaks. More investment should be placed in collecting high quality information that can trigger early and uniform implementation, while researchers work to discover more informative metrics of human risk to trigger more effective control. Keywords: Zika control, Epidemiological surveillance, Disease surveillance, Mosquito control, Vector-borne disease control, Epidemiological modeling

  6. Understanding How Components of Organisations Contribute to Attacks

    DEFF Research Database (Denmark)

    Gu, Min; Aslanyan, Zaruhi; Probst, Christian W.

    2016-01-01

    Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors is difficult. Recently, system models have been used for automatically identifying possible attacks on the modelled organisation. The generated attacks consider all three layers, making the contribution of building infrastructure, computer infrastructure, and humans (insiders and outsiders) explicit. However, this contribution is only visible in the attack trees as part of the performed steps; it cannot be mapped back to the model directly since the actions usually involve several elements (attacker and targeted actor or asset). Especially for large attack trees, understanding the relations between several model...

  7. Research Note on the Energy Infrastructure Attack Database (EIAD)

    Directory of Open Access Journals (Sweden)

    Jennifer Giroux

    2013-12-01

    Full Text Available The January 2013 attack on the In Amenas natural gas facility drew international attention. However this attack is part of a portrait of energy infrastructure targeting by non-state actors that spans the globe. Data drawn from the Energy Infrastructure Attack Database (EIAD) shows that in the last decade there were, on average, nearly 400 annual attacks carried out by armed non-state actors on energy infrastructure worldwide, a figure that was well under 200 prior to 1999. This data reveals a global picture whereby violent non-state actors target energy infrastructures to air grievances, communicate to governments, impact state economic interests, or capture revenue in the form of hijacking, kidnapping ransoms, theft. And, for politically motivated groups, such as those engaged in insurgencies, attacking industry assets garners media coverage serving as a facilitator for international attention. This research note will introduce EIAD and position its utility within various research areas where the targeting of energy infrastructure, or more broadly energy infrastructure vulnerability, has been addressed, either directly or indirectly. We also provide a snapshot of the initial analysis of the data between 1980-2011, noting specific temporal and spatial trends, and then conclude with a brief discussion on the contribution of EIAD, highlighting future research trajectories.

  8. [Difficulties in the epidemiological surveillance of measles in Africa: exemplified by the Ivory Coast].

    Science.gov (United States)

    Rey, J L; Trolet, C; Soro, B; Cunin, P; Merouze, F

    1991-06-01

    In tropical areas measles cases often are under-reported but the authors comment here two epidemics which had at first been considered as outbreaks of measles but were not. The first epidemic resembled a Chikungunya virus outbreak with important rashes, hyperthermia and pain attacks and was due to Igbo-Ora arbovirus. In the second epidemic children were having rashes with hyperthermia and adenopathy evoking rubella. The authors consider the possibility of over-reporting in view of the surveillance of measles, the target-disease in EPI (Expanded Programme on Immunization). This hypothesis is confirmed by the distribution of reported cases at national level with a high rate of out-season cases and among adults.

  9. Aerial surveillance based on hierarchical object classification for ground target detection

    Science.gov (United States)

    Vázquez-Cervantes, Alberto; García-Huerta, Juan-Manuel; Hernández-Díaz, Teresa; Soto-Cajiga, J. A.; Jiménez-Hernández, Hugo

    2015-03-01

    Unmanned aerial vehicles have turned important in surveillance application due to the flexibility and ability to inspect and displace in different regions of interest. The instrumentation and autonomy of these vehicles have been increased; i.e. the camera sensor is now integrated. Mounted cameras allow flexibility to monitor several regions of interest, displacing and changing the camera view. A well common task performed by this kind of vehicles correspond to object localization and tracking. This work presents a hierarchical novel algorithm to detect and locate objects. The algorithm is based on a detection-by-example approach; this is, the target evidence is provided at the beginning of the vehicle's route. Afterwards, the vehicle inspects the scenario, detecting all similar objects through UTM-GPS coordinate references. Detection process consists on a sampling information process of the target object. Sampling process encode in a hierarchical tree with different sampling's densities. Coding space correspond to a huge binary space dimension. Properties such as independence and associative operators are defined in this space to construct a relation between the target object and a set of selected features. Different densities of sampling are used to discriminate from general to particular features that correspond to the target. The hierarchy is used as a way to adapt the complexity of the algorithm due to optimized battery duty cycle of the aerial device. Finally, this approach is tested in several outdoors scenarios, proving that the hierarchical algorithm works efficiently under several conditions.

  10. Gait biometrics under spoofing attacks: an experimental investigation

    Science.gov (United States)

    Hadid, Abdenour; Ghahramani, Mohammad; Kellokumpu, Vili; Feng, Xiaoyi; Bustard, John; Nixon, Mark

    2015-11-01

    Gait is a relatively biometric modality which has a precious advantage over other modalities, such as iris and voice, in that it can be easily captured from a distance. Although it has recently become a topic of great interest in biometric research, there has been little investigation into gait spoofing attacks where a person tries to imitate the clothing or walking style of someone else. We recently analyzed for the first time the effects of spoofing attacks on silhouette-based gait biometric systems and showed that it was indeed possible to spoof gait biometric systems by clothing impersonation and the deliberate selection of a target that has a similar build to the attacker. To gain deeper insight into the performance of current gait biometric systems under spoofing attacks, we provide a thorough investigation on how clothing can be used to spoof a target and evaluate the performance of two state-of-the-art recognition methods on a gait spoofing database recorded at the University of Southampton. Furthermore, we describe and evaluate an initial solution coping with gait spoofing attacks. The obtained results are very promising and point out interesting findings which can be used for future investigations.

  11. Learning from history: The Glasgow Airport terrorist attack.

    Science.gov (United States)

    Crichton, Gillies

    Glasgow Airport was the target of a terrorist attack on 30th June, 2007. Many people within Scotland had come to believe that Scotland was immune from terrorism. This perception was in large part informed by Scotland's experience during the protracted Troubles in Northern Ireland, during which the Provisional Irish Republican Army's mainland bombing campaign focused on targets in England, sparing both Scotland and Wales. While Glasgow Airport did not expect such an attack to take place, meticulous planning, organising and testing of plans had taken place to mitigate the unlikely event of such an attack. The attack stands up as a shining example of robust business continuity management, where the airport reopened for business as usual in less than 24 hours from the time of the attack. Little is known about how the airport handled the situation in conjunction with other responding agencies as people tend to want to focus on high-profile disasters only. Yet countless such incidents are happening worldwide on a daily basis, in which there are excellent learning opportunities, and, taken in the spirit of converting hindsight into foresight, the likelihood of similar incidents could potentially be reduced in the future.

  12. Enhanced surveillance of Staphylococcus aureus bacteraemia to identify targets for infection prevention.

    Science.gov (United States)

    Morris, A K; Russell, C D

    2016-06-01

    Surveillance of Staphylococcus aureus bacteraemia (SAB) in Scotland is limited to the number of infections per 100,000 acute occupied bed-days and susceptibility to meticillin. To demonstrate the value of enhanced SAB surveillance to identify targets for infection prevention. Prospective cohort study of all patients identified with SAB over a five-year period in a single health board in Scotland. All patients were reviewed at the bedside by a clinical microbiologist. In all, 556 SAB episodes were identified: 261 (46.6%) were hospital-acquired; 209 (37.9%) were healthcare-associated; 80 (14.4%) were community-acquired; and in six (1.1%) the origin of infection was not hospital-acquired, but could not be separated into healthcare-associated or community-acquired. These were classified as non-hospital-acquired. Meticillin-resistant S. aureus (MRSA) bacteraemia was associated with hospital-acquired and healthcare-associated infections. In addition, there was a significantly higher 30-day mortality associated with hospital-acquired (31.4%) and healthcare-associated (16.3%) infections compared to community-acquired SAB (8.7%). Vascular access devices were associated with hospital-acquired SAB and peripheral venous cannulas were the source for most of these (43.9%). Community-acquired infections were associated with intravenous drug misuse, respiratory tract infections and skeletal and joint infections. Skin and soft tissue infections were more widely seen in healthcare-associated infections. The data indicate that enhanced surveillance of SAB by origin of infection and source of bacteraemia has implications for infection prevention, empirical antibiotic therapy, and health improvement interventions. Copyright © 2016 The Healthcare Infection Society. Published by Elsevier Ltd. All rights reserved.

  13. Manned Airborne Intelligence, Surveillance, and Reconnaissance: Strategic, Tactical . . . Both?

    Science.gov (United States)

    2012-12-01

    Program, 1996), 97, http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA442835&Location=U2&doc=GetTRDoc.pdf. 17. Quoted in William E. Burrows, By Any Means...41. Larry Tart and Robert Keefe, The Price of Vigilance: Attacks on American Surveillance Flights (New York: Ballantine Books, 2001), 196. 42. Ibid

  14. Testing a symptom-based surveillance system at high-profile gatherings as a preparatory measure for bioterrorism.

    Science.gov (United States)

    Osaka, K; Takahashi, H; Ohyama, T

    2002-12-01

    We tested symptom-based surveillance during the G8 conference in 2000 as a means of detecting outbreaks, including bio-terrorism attacks, promptly. Five categories of symptoms (skin and haemorrhagic, respiratory, gastrointestinal, neurological and unexplained) were adopted for the case definition of the surveillance. The surveillance began 1 week before the conference, and continued until 1 week after the conference ended. We could not detect any outbreaks during this surveillance. Compared to the existing diagnosis-based surveillance system, symptom-based surveillance has the advantages of timeliness and simplicity. However, poor specificity and difficulties in determining epidemic threshold were important limitations of this system. To increase the specificity of surveillance, it is essential to incorporate rapid laboratory diagnoses into the system.

  15. An Approach for Assessing Consequences of Potential Supply Chain and Insider Contributed Cyber Attacks on Nuclear Power Plants

    Energy Technology Data Exchange (ETDEWEB)

    Chu, Tsong L.

    2016-11-06

    The Stuxnet attack at the Natanz facility is an example of a targeted and successful cyber attack on a nuclear facility. Snowden's release of National Security Agency documents demonstrated the consequences of the insider threat. More recently, the United States tried to attack North Korea but failed, South Korea was attempting to attack North Korea, and both applied Stuxnet-like approaches. These sophisticated targeted attacks differ from web-site hacking events that are reported almost daily in the news mainly because targeted attacks require detailed design and operation information of the systems attacked and/or are often carried out by insiders. For instance, in order to minimize disruption of facilities around the world, Stuxnet remained idle until it recognized the specific configuration of the Natanz facility, demonstrating that the attackers possessed extremely detailed information about the facility. Such targeted cyber attacks could become a national-level military weapon and be used in coercion of hostile countries.

  16. Sleep Deprivation Attack Detection in Wireless Sensor Network

    OpenAIRE

    Bhattasali, Tapalina; Chaki, Rituparna; Sanyal, Sugata

    2012-01-01

    Deployment of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maxi...

  17. Choosing What to Protect When Attacker Resources and Asset Valuations are Uncertain

    Directory of Open Access Journals (Sweden)

    Kjell Hausken

    2014-01-01

    The situation has been modelled where the attacker's resources are unknown to the defender. Protecting assets presupposes that the defender has some information on the attacker's resource capabilities. An attacker targets one of two assets. The attacker's resources and valuations of these assets are drawn probabilistically. We specify when the isoutility curves are upward sloping (the defender prefers to invest less in defense, thus leading to higher probabilities of success for attacks on both assets) or downward sloping (e.g. when one asset has a low value or high unit defense cost). This stands in contrast to earlier research and results from the uncertainty regarding the level of the attacker's resources. We determine which asset the attacker targets depending on his type, unit attack costs, the contest intensity, and investment in defense. A two stage game is considered, where the defender moves first and the attacker moves second. When both assets are equivalent and are treated equivalently by both players, an interior equilibrium exists when the contest intensity is low, and a corner equilibrium with no defense exists when the contest intensity is large and the attacker holds large resources. Defense efforts are inverse U shaped in the attacker's resources. (original abstract)

  18. Surveillance and Resilience in Theory and Practice

    Directory of Open Access Journals (Sweden)

    Charles D. Raab

    2015-09-01

    Surveillance is often used as a tool in resilience strategies towards the threat posed by terrorist attacks and other serious crime. “Resilience” is a contested term with varying and ambiguous meaning in governmental, business and social discourses, and it is not clear how it relates to other terms that characterise processes or states of being. Resilience is often assumed to have positive connotations, but critics view it with great suspicion, regarding it as a neo-liberal governmental strategy. However, we argue that surveillance, introduced in the name of greater security, may itself erode social freedoms and public goods such as privacy, paradoxically requiring societal resilience, whether precautionary or in mitigation of the harms it causes to the public goods of free societies. This article develops new models and extends existing ones to describe resilience processes unfolding over time and in anticipation of, or in reaction to, adversities of different kinds and severity, and explores resilience both on the plane of abstract analysis and in the context of societal responses to mass surveillance. The article thus focuses upon surveillance as a special field for conceptual analysis and modelling of situations, and for evaluating contemporary developments in “surveillance societies”.

  19. Influence of Different Coupling Modes on the Robustness of Smart Grid under Targeted Attack

    Directory of Open Access Journals (Sweden)

    WenJie Kang

    2018-05-01

    Many previous works only focused on the cascading failure of global coupling of one-to-one structures in interdependent networks, but the local coupling of dual coupling structures has rarely been studied due to its complex structure. This will result in a serious consequence that many conclusions of the one-to-one structure may be incorrect in the dual coupling network and do not apply to the smart grid. Therefore, it is very necessary to subdivide the dual coupling link into a top-down coupling link and a bottom-up coupling link in order to study their influence on network robustness by combining with different coupling modes. Additionally, the power flow of the power grid can cause the load of a failed node to be allocated to its neighboring nodes and trigger a new round of load distribution when the load of these nodes exceeds their capacity. This means that the robustness of smart grids may be affected by four factors, i.e., load redistribution, local coupling, dual coupling link and coupling mode; however, the research on the influence of those factors on the network robustness is missing. In this paper, firstly, we construct the smart grid as a two-layer network with a dual coupling link and divide the power grid and communication network into many subnets based on the geographical location of their nodes. Secondly, we define node importance (NI) as an evaluation index to access the impact of nodes on the cyber or physical network and propose three types of coupling modes based on NI of nodes in the cyber and physical subnets, i.e., Assortative Coupling in Subnets (ACIS), Disassortative Coupling in Subnets (DCIS), and Random Coupling in Subnets (RCIS). Thirdly, a cascading failure model is proposed for studying the effect of local coupling of dual coupling link in combination with ACIS, DCIS, and RCIS on the robustness of the smart grid against a targeted attack, and the survival rate of functional nodes is used to assess the robustness of

  20. Influence of Different Coupling Modes on the Robustness of Smart Grid under Targeted Attack.

    Science.gov (United States)

    Kang, WenJie; Hu, Gang; Zhu, PeiDong; Liu, Qiang; Hang, Zhi; Liu, Xin

    2018-05-24

    Many previous works only focused on the cascading failure of global coupling of one-to-one structures in interdependent networks, but the local coupling of dual coupling structures has rarely been studied due to its complex structure. This will result in a serious consequence that many conclusions of the one-to-one structure may be incorrect in the dual coupling network and do not apply to the smart grid. Therefore, it is very necessary to subdivide the dual coupling link into a top-down coupling link and a bottom-up coupling link in order to study their influence on network robustness by combining with different coupling modes. Additionally, the power flow of the power grid can cause the load of a failed node to be allocated to its neighboring nodes and trigger a new round of load distribution when the load of these nodes exceeds their capacity. This means that the robustness of smart grids may be affected by four factors, i.e., load redistribution, local coupling, dual coupling link and coupling mode; however, the research on the influence of those factors on the network robustness is missing. In this paper, firstly, we construct the smart grid as a two-layer network with a dual coupling link and divide the power grid and communication network into many subnets based on the geographical location of their nodes. Secondly, we define node importance (NI) as an evaluation index to access the impact of nodes on the cyber or physical network and propose three types of coupling modes based on NI of nodes in the cyber and physical subnets, i.e., Assortative Coupling in Subnets (ACIS), Disassortative Coupling in Subnets (DCIS), and Random Coupling in Subnets (RCIS). Thirdly, a cascading failure model is proposed for studying the effect of local coupling of dual coupling link in combination with ACIS, DCIS, and RCIS on the robustness of the smart grid against a targeted attack, and the survival rate of functional nodes is used to assess the robustness of the smart grid

  1. Simulating Cyber-Attacks for Fun and Profit

    OpenAIRE

    Futoransky, Ariel; Miranda, Fernando; Orlicki, Jose; Sarraute, Carlos

    2010-01-01

    We introduce a new simulation platform called Insight, created to design and simulate cyber-attacks against large arbitrary target scenarios. Insight has surprisingly low hardware and configuration requirements, while making the simulation a realistic experience from the attacker's standpoint. The scenarios include a crowd of simulated actors: network devices, hardware devices, software applications, protocols, users, etc. A novel characteristic of this tool is to simulate vulnerabilities (in...

  2. The Bang-Soak Theory of Missile Attack and Terminal Defense

    National Research Council Canada - National Science Library

    Washburn, Alan

    2005-01-01

    .... This paper generalizes to the case where the attacking arsenal is mixed, the main motivation being that a mixed attacking arsenal can contain decoys that are harmless to targets, but which can still "soak up" defenders...

  3. Deployment Design of Wireless Sensor Network for Simple Multi-Point Surveillance of a Moving Target

    Science.gov (United States)

    Tsukamoto, Kazuya; Ueda, Hirofumi; Tamura, Hitomi; Kawahara, Kenji; Oie, Yuji

    2009-01-01

    In this paper, we focus on the problem of tracking a moving target in a wireless sensor network (WSN), in which the capability of each sensor is relatively limited, to construct large-scale WSNs at a reasonable cost. We first propose two simple multi-point surveillance schemes for a moving target in a WSN and demonstrate that one of the schemes can achieve high tracking probability with low power consumption. In addition, we examine the relationship between tracking probability and sensor density through simulations, and then derive an approximate expression representing the relationship. As the results, we present guidelines for sensor density, tracking probability, and the number of monitoring sensors that satisfy a variety of application demands. PMID:22412326

  4. Crypto and empire: the contradictions of counter-surveillance advocacy

    NARCIS (Netherlands)

    Gürses, S.; Kundnani, A.; Van Hoboken, J.

    2016-01-01

    Since Edward Snowden’s revelations of US and UK surveillance programs, privacy advocates, progressive security engineers, and policy makers have been seeking to win majority support for countering surveillance. The problem is framed as the replacement of targeted surveillance with mass surveillance

  5. Mass casualty response in the 2008 Mumbai terrorist attacks.

    Science.gov (United States)

    Roy, Nobhojit; Kapil, Vikas; Subbarao, Italo; Ashkenazi, Isaac

    2011-12-01

    The November 26-29, 2008, terrorist attacks on Mumbai were unique in their international media attention, multiple strategies of attack, and the disproportionate national fear they triggered. Everyone was a target: random members of the general population, iconic targets, and foreigners alike were under attack by the terrorists. A retrospective, descriptive study of the distribution of terror victims to various city hospitals, critical radius, surge capacity, and the nature of specialized medical interventions was gathered through police, legal reports, and interviews with key informants. Among the 172 killed and 304 injured people, about four-fifths were men (average age, 33 years) and 12% were foreign nationals. The case-fatality ratio for this event was 2.75:1, and the mortality rate among those who were critically injured was 12%. A total of 38.5% of patients arriving at the hospitals required major surgical intervention. Emergency surgical operations were mainly orthopedic (external fixation for compound fractures) and general surgical interventions (abdominal explorations for penetrating bullet/shrapnel injuries). The use of heavy-duty automatic weapons, explosives, hostages, and arson in these terrorist attacks alerts us to new challenges to medical counterterrorism response. The need for building central medical control for a coordinated response and for strengthening public hospital capacity are lessons learned for future attacks. These particular terrorist attacks had global consequences, in terms of increased security checks and alerts for and fears of further similar "Mumbai-style" attacks. The resilience of the citizens of Mumbai is a critical measure of the long-term effects of terror attacks.

  6. Effect of clustering on attack vulnerability of interdependent scale-free networks

    International Nuclear Information System (INIS)

    Li, Rui-qi; Sun, Shi-wen; Ma, Yi-lin; Wang, Li; Xia, Cheng-yi

    2015-01-01

    In order to deeply understand the complex interdependent systems, it is of great concern to take clustering coefficient, which is an important feature of many real-world systems, into account. Previous study mainly focused on the impact of clustering on interdependent networks under random attacks, while we extend the study to the case of the more realistic attacking strategy, targeted attack. A system composed of two interdependent scale-free networks with tunable clustering is provided. The effects of coupling strength and coupling preference on attack vulnerability are explored. Numerical simulation results demonstrate that interdependent links between two networks make the entire system much more fragile to attacks. Also, it is found that clustering significantly increases the vulnerability of interdependent scale-free networks. Moreover, for fully coupled network, disassortative coupling is found to be most vulnerable to random attacks, while the random and assortative coupling have little difference. Additionally, enhancing coupling strength can greatly enhance the fragility of interdependent networks against targeted attacks. These results can not only improve the deep understanding of structural complexity of complex systems, but also provide insights into the guidance of designing resilient infrastructures.

  7. Comparing Alternatives to Measure the Impact of DDoS Attack Announcements on Target Stock Prices

    NARCIS (Netherlands)

    Abhishta; Joosten, Reinoud; Nieuwenhuis, Lambert J.M.

    2017-01-01

    Distributed denial of service (DDoS) attacks are responsible for creating unavailability of online resources. Botnets based on internet of things (IOT) devices are now being used to conduct DDoS attacks. The estimation of direct and indirect economic damages caused by these attacks is a complex

  8. Trajectory Optimization for a Cruising Unmanned Aerial Vehicle Attacking a Target at Back Slope While Subjected to a Wind Gradient

    Directory of Open Access Journals (Sweden)

    Tieying Jiang

    2015-01-01

    The trajectory of a tubular launched cruising unmanned aerial vehicle is optimized using the modified direct collocation method for attacking a target at back slope under a wind gradient. A mathematical model of the cruising unmanned aerial vehicle is established based on its operational and motion features under a wind gradient to optimize the trajectory. The motion characteristics of “altitude adjustment” and “suicide attack” are taken into full account under the combat circumstance of back slope time key targets. By introducing a discrete time function, the trajectory optimization is converted into a nonlinear programming problem and the SNPOT software is applied to solve for the optimal trajectory of the missile under different wind loads. The simulation results show that, for optimized trajectories, the average attack time decreased by up to 29.1% and the energy consumption is reduced by up to 25.9% under specified wind gradient conditions. A, ωdire, and Wmax have an influence on the flight trajectories of cruising unmanned aerial vehicle. This verifies that the application of modified direct collocation method is reasonable and feasible in an effort to achieve more efficient missile trajectories.

  9. Cost, Capability, and the Hunt for a Lightweight Ground Attack Aircraft

    Science.gov (United States)

    2009-06-12

    or Foe IFR Instrument Flight Rules ISR Intelligence Surveillance and Reconnaissance JP Joint Publication JTAC Joint Terminal Attack...capable, combat range, loiter time, weapons payloads, ejection seats, NVG compatible cockpits, IFR avionics, etc.8 One of the primary enablers for cost...to-air threats. In cases where radar guided air defense systems are present, the lack of an RWR puts the aircraft at a definite disadvantage and is

  10. Cybersecurity protecting critical infrastructures from cyber attack and cyber warfare

    CERN Document Server

    Johnson, Thomas A

    2015-01-01

    The World Economic Forum regards the threat of cyber attack as one of the top five global risks confronting nations of the world today. Cyber attacks are increasingly targeting the core functions of the economies in nations throughout the world. The threat to attack critical infrastructures, disrupt critical services, and induce a wide range of damage is becoming more difficult to defend against. Cybersecurity: Protecting Critical Infrastructures from Cyber Attack and Cyber Warfare examines the current cyber threat landscape and discusses the strategies being used by governments and corporatio

  11. Modeling Resources Allocation in Attacker-Defender Games with "Warm Up" CSF.

    Science.gov (United States)

    Guan, Peiqiu; Zhuang, Jun

    2016-04-01

    Like many other engineering investments, the attacker's and defender's investments may have limited impact without initial capital to "warm up" the systems. This article studies such "warm up" effects on both the attack and defense equilibrium strategies in a sequential-move game model by developing a class of novel and more realistic contest success functions. We first solve a single-target attacker-defender game analytically and provide numerical solutions to a multiple-target case. We compare the results of the models with and without consideration of the investment "warm up" effects, and find that the defender would suffer higher expected damage, and either underestimate the attacker effort or waste defense investment if the defender falsely believes that no investment "warm up" effects exist. We illustrate the model results with real data, and compare the results of the models with and without consideration of the correlation between the "warm up" threshold and the investment effectiveness. Interestingly, we find that the defender is suggested to give up defending all the targets when the attack or the defense "warm up" thresholds are sufficiently high. This article provides new insights and suggestions on policy implications for homeland security resource allocation. © 2015 Society for Risk Analysis.

  12. An airport surface surveillance solution based on fusion algorithm

    Science.gov (United States)

    Liu, Jianliang; Xu, Yang; Liang, Xuelin; Yang, Yihuang

    2017-01-01

    In this paper, we propose an airport surface surveillance solution combined with Multilateration (MLAT) and Automatic Dependent Surveillance Broadcast (ADS-B). The moving target to be monitored is regarded as a linear stochastic hybrid system moving freely and each surveillance technology is simplified as a sensor with white Gaussian noise. The dynamic model of target and the observation model of sensor are established in this paper. The measurements of sensors are filtered properly by estimators to get the estimation results for current time. Then, we analyze the characteristics of two fusion solutions proposed, and decide to use the scheme based on sensor estimation fusion for our surveillance solution. In the proposed fusion algorithm, according to the output of estimators, the estimation error is quantified, and the fusion weight of each sensor is calculated. The two estimation results are fused with weights, and the position estimation of target is computed accurately. Finally the proposed solution and algorithm are validated by an illustrative target tracking simulation.

  13. Subclinical endophthalmitis following a rooster attack.

    Science.gov (United States)

    Lekse Kovach, Jaclyn; Maguluri, Srilakshmi; Recchia, Franco M

    2006-12-01

    Ocular injury resulting from rooster attacks is rarely reported in the literature. Sadly, the target of these attacks is most often children younger than 3 years old, whose naiveté of the aggressive, territorial behavior of birds can place them at risk. Acute sequelae of these attacks can result in a lifetime of visual impairment. The possibility of a subacute or occult infection is an unusual occurrence that must always be considered. In an effort to prevent future attacks and ocular casualties, we present a case of a 12-month-old boy who suffered an open globe following a rooster attack. The open globe was emergently repaired. One week later, a white cataract was noticed on examination in the absence of systemic or ocular signs of inflammation. Traumatic endophthalmitis and lenticular abscess were suspected during examination under anesthesia. Vitrectomy, lensectomy, and injection of intravitreal antibiotics were performed. Culture of lenticular and vitreous aspirates grew alpha-streptococcus. Alpha-streptococcal endophthalmitis can result from ocular injuries caused by rooster pecking. The infection may present insidiously and without typical ocular or systemic symptoms or signs. Management is challenging and may require surgery.

  14. Messaging Attacks on Android: Vulnerabilities and Intrusion Detection

    Directory of Open Access Journals (Sweden)

    Khodor Hamandi

    2015-01-01

    Currently, Android is the leading mobile operating system in number of users worldwide. On the security side, Android has had significant challenges despite the efforts of the Android designers to provide a secure environment for apps. In this paper, we present numerous attacks targeting the messaging framework of the Android system. Our focus is on SMS, USSD, and the evolution of their associated security in Android and accordingly the development of related attacks. Also, we shed light on the Android elements that are responsible for these attacks. Furthermore, we present the architecture of an intrusion detection system (IDS) that promises to thwart SMS messaging attacks. Our IDS shows a detection rate of 87.50% with zero false positives.

  15. Harassment, stalking, threats and attacks targeting New Zealand politicians: A mental health issue.

    Science.gov (United States)

    Every-Palmer, Susanna; Barry-Walsh, Justin; Pathé, Michele

    2015-07-01

    Due to the nature of their work, politicians are at greater risk of stalking, harassment and attack than the general population. The small, but significantly elevated risk of violence to politicians is predominantly due not to organised terrorism or politically motivated extremists but to fixated individuals with untreated serious mental disorders, usually psychosis. Our objective was to ascertain the frequency, nature and effects of unwanted harassment of politicians in New Zealand and the possible role of mental illness in this harassment. New Zealand Members of Parliament were surveyed, with an 84% response rate (n = 102). Quantitative and qualitative data were collected on Parliamentarians' experiences of harassment and stalking. Eighty-seven percent of politicians reported unwanted harassment ranging from disturbing communications to physical violence, with most experiencing harassment in multiple modalities and on multiple occasions. Cyberstalking and other forms of online harassment were common, and politicians felt they (and their families) had become more exposed as a result of the Internet. Half of MPs had been personally approached by their harassers, 48% had been directly threatened and 15% had been attacked. Some of these incidents were serious, involving weapons such as guns, Molotov cocktails and blunt instruments. One in three politicians had been targeted at their homes. Respondents believed the majority of those responsible for the harassment exhibited signs of mental illness. The harassment of politicians in New Zealand is common and concerning. Many of those responsible were thought to be mentally ill by their victims. This harassment has significant psychosocial costs for both the victim and the perpetrator and represents an opportunity for mental health intervention. © The Royal Australian and New Zealand College of Psychiatrists 2015.

  16. Mapping the Most Significant Computer Hacking Events to a Temporal Computer Attack Model

    OpenAIRE

    Heerden, Renier; Pieterse, Heloise; Irwin, Barry

    2012-01-01

    Part 4: Section 3: ICT for Peace and War; International audience; This paper presents eight of the most significant computer hacking events (also known as computer attacks). These events were selected because of their unique impact, methodology, or other properties. A temporal computer attack model is presented that can be used to model computer based attacks. This model consists of the following stages: Target Identification, Reconnaissance, Attack, and Post-Attack Reconnaissance stages. The...

  17. Preventive strike vs. false targets and protection in defense strategy

    International Nuclear Information System (INIS)

    Levitin, Gregory; Hausken, Kjell

    2011-01-01

    A defender allocates its resource between defending an object passively and striking preventively against an attacker seeking to destroy the object. With no preventive strike the defender distributes its entire resource between deploying false targets, which the attacker cannot distinguish from the genuine object, and protecting the object. If the defender strikes preventively, the attacker's vulnerability depends on its protection and on the defender's resource allocated to the strike. If the attacker survives, the object's vulnerability depends on the attacker's revenge attack resource allocated to the attacked object. The optimal defense resource distribution between striking preventively, deploying the false targets and protecting the object is analyzed. Two cases of the attacker strategy are considered: when the attacker attacks all of the targets and when it chooses a number of targets to attack. An optimization model is presented for making a decision about the efficiency of the preventive strike based on the estimated attack probability, dependent on a variety of model parameters.

  18. Detection of complex cyber attacks

    Science.gov (United States)

    Gregorio-de Souza, Ian; Berk, Vincent H.; Giani, Annarita; Bakos, George; Bates, Marion; Cybenko, George; Madory, Doug

    2006-05-01

    One significant drawback to currently available security products is their inability to correlate diverse sensor input. For instance, by only using network intrusion detection data, a root kit installed through a weak username-password combination may go unnoticed. Similarly, an administrator may never make the link between deteriorating response times from the database server and an attacker exfiltrating trusted data, if these facts aren't presented together. Current Security Information Management Systems (SIMS) can collect and represent diverse data but lack sufficient correlation algorithms. By using a Process Query System, we were able to quickly bring together data flowing from many sources, including NIDS, HIDS, server logs, CPU load and memory usage, etc. We constructed PQS models that describe dynamic behavior of complicated attacks and failures, allowing us to detect and differentiate simultaneous sophisticated attacks on a target network. In this paper, we discuss the benefits of implementing such a multistage cyber attack detection system using PQS. We focus on how data from multiple sources can be combined and used to detect and track comprehensive network security events that go unnoticed using conventional tools.

  19. Risk Due to Radiological Terror Attacks With Natural Radionuclides

    International Nuclear Information System (INIS)

    Friedrich, Steinhaeusler; Lyudmila, Zaitseva; Stan, Rydell

    2008-01-01

    The naturally occurring radionuclides radium (Ra-226) and polonium (Po-210) have the potential to be used for criminal acts. Analysis of international incident data contained in the Database on Nuclear Smuggling, Theft and Orphan Radiation Sources (CSTO), operated at the University of Salzburg, shows that several acts of murder and terrorism with natural radionuclides have already been carried out in Europe and Russia. Five different modes of attack (T) are possible: (1) Covert irradiation of an individual in order to deliver a high individual dose; (2) Covert irradiation of a group of persons delivering a large collective dose; (3) Contamination of food or drink; (4) Generation of radioactive aerosols or solutions; (5) Combination of Ra-226 with conventional explosives (Dirty Bomb). This paper assesses the risk (R) of such criminal acts in terms of: (a) Probability of terrorist motivation deploying a certain attack mode T; (b) Probability of success by the terrorists for the selected attack mode T; (c) Primary damage consequence (C) to the attacked target (activity, dose); (d) Secondary damage consequence (C') to the attacked target (psychological and socio-economic effects); (e) Probability that the consequences (C, C') cannot be brought under control, resulting in a failure to manage successfully the emergency situation due to logistical and/or technical deficits in implementing adequate countermeasures. Extensive computer modelling is used to determine the potential impact of such a criminal attack on directly affected victims and on the environment.

  20. Risk Due to Radiological Terror Attacks With Natural Radionuclides

    Science.gov (United States)

    Friedrich, Steinhäusler; Stan, Rydell; Lyudmila, Zaitseva

    2008-08-01

    The naturally occurring radionuclides radium (Ra-226) and polonium (Po-210) have the potential to be used for criminal acts. Analysis of international incident data contained in the Database on Nuclear Smuggling, Theft and Orphan Radiation Sources (CSTO), operated at the University of Salzburg, shows that several acts of murder and terrorism with natural radionuclides have already been carried out in Europe and Russia. Five different modes of attack (T) are possible: (1) Covert irradiation of an individual in order to deliver a high individual dose; (2) Covert irradiation of a group of persons delivering a large collective dose; (3) Contamination of food or drink; (4) Generation of radioactive aerosols or solutions; (5) Combination of Ra-226 with conventional explosives (Dirty Bomb). This paper assesses the risk (R) of such criminal acts in terms of: (a) Probability of terrorist motivation deploying a certain attack mode T; (b) Probability of success by the terrorists for the selected attack mode T; (c) Primary damage consequence (C) to the attacked target (activity, dose); (d) Secondary damage consequence (C') to the attacked target (psychological and socio-economic effects); (e) Probability that the consequences (C, C') cannot be brought under control, resulting in a failure to manage successfully the emergency situation due to logistical and/or technical deficits in implementing adequate countermeasures. Extensive computer modelling is used to determine the potential impact of such a criminal attack on directly affected victims and on the environment.

  1. False Positive and False Negative Effects on Network Attacks

    Science.gov (United States)

    Shang, Yilun

    2018-01-01

    Robustness against attacks serves as evidence for complex network structures and failure mechanisms that lie behind them. Most often, due to detection capability limitation or good disguises, attacks on networks are subject to false positives and false negatives, meaning that functional nodes may be falsely regarded as compromised by the attacker and vice versa. In this work, we initiate a study of false positive/negative effects on network robustness against three fundamental types of attack strategies, namely, random attacks (RA), localized attacks (LA), and targeted attack (TA). By developing a general mathematical framework based upon the percolation model, we investigate analytically and by numerical simulations of attack robustness with false positive/negative rate (FPR/FNR) on three benchmark models including Erdős-Rényi (ER) networks, random regular (RR) networks, and scale-free (SF) networks. We show that ER networks are equivalently robust against RA and LA only when FPR equals zero or the initial network is intact. We find several interesting crossovers in RR and SF networks when FPR is taken into consideration. By defining the cost of attack, we observe diminishing marginal attack efficiency for RA, LA, and TA. Our finding highlights the potential risk of underestimating or ignoring FPR in understanding attack robustness. The results may provide insights into ways of enhancing robustness of network architecture and improve the level of protection of critical infrastructures.

  2. Are the rules for the right to self-defense outdated to address current conflicts like attacks from non-state actors and cyber-attacks?

    Directory of Open Access Journals (Sweden)

    Gonzalo J. Arias

    2017-06-01

    The latest US-led coalition’s attacks against ISIS in Syria raised the question whether states can use defensive force against non-state actors. Two critical incidents had previously triggered the discussion on the importance and consequences of cyber-attacks as a new form of armed attacks. The first one occurred in Estonia in 2007, when the country experienced extensive computer hacking attacks that lasted several weeks. The second incident happened in 2008, during the Georgia–Russia conflict over South Ossetia, when Georgia experienced cyber-attacks similar to those suffered by Estonia in the previous year. Furthermore, on June 21, 2016, the central banks of Indonesia and South Korea were hit by cyber-attacks on their public websites since activist hacking group Anonymous pledged last month to target banks across the world. The previous incidents have created, once again, public questioning if the rules on the use of force and the right of self-defense established in the United Nations Charter are sufficient and efficient to address these new forms of attacks.

  3. Collaborative 3D Target Tracking in Distributed Smart Camera Networks for Wide-Area Surveillance

    Directory of Open Access Journals (Sweden)

    Xenofon Koutsoukos

    2013-05-01

    With the evolution and fusion of wireless sensor network and embedded camera technologies, distributed smart camera networks have emerged as a new class of systems for wide-area surveillance applications. Wireless networks, however, introduce a number of constraints to the system that need to be considered, notably the communication bandwidth constraints. Existing approaches for target tracking using a camera network typically utilize target handover mechanisms between cameras, or combine results from 2D trackers in each camera into 3D target estimation. Such approaches suffer from scale selection, target rotation, and occlusion, drawbacks typically associated with 2D tracking. In this paper, we present an approach for tracking multiple targets directly in 3D space using a network of smart cameras. The approach employs multi-view histograms to characterize targets in 3D space using color and texture as the visual features. The visual features from each camera along with the target models are used in a probabilistic tracker to estimate the target state. We introduce four variations of our base tracker that incur different computational and communication costs on each node and result in different tracking accuracy. We demonstrate the effectiveness of our proposed trackers by comparing their performance to a 3D tracker that fuses the results of independent 2D trackers. We also present performance analysis of the base tracker along Quality-of-Service (QoS) and Quality-of-Information (QoI) metrics, and study QoS vs. QoI trade-offs between the proposed tracker variations. Finally, we demonstrate our tracker in a real-life scenario using a camera network deployed in a building.

  4. Clusters versus GPUs for Parallel Target and Anomaly Detection in Hyperspectral Images

    Directory of Open Access Journals (Sweden)

    Antonio Plaza

    2010-01-01

    Remotely sensed hyperspectral sensors provide image data containing rich information in both the spatial and the spectral domain, and this information can be used to address detection tasks in many applications. In many surveillance applications, the size of the objects (targets) searched for constitutes a very small fraction of the total search area and the spectral signatures associated to the targets are generally different from those of the background, hence the targets can be seen as anomalies. In hyperspectral imaging, many algorithms have been proposed for automatic target and anomaly detection. Given the dimensionality of hyperspectral scenes, these techniques can be time-consuming and difficult to apply in applications requiring real-time performance. In this paper, we develop several new parallel implementations of automatic target and anomaly detection algorithms. The proposed parallel algorithms are quantitatively evaluated using hyperspectral data collected by the NASA's Airborne Visible Infra-Red Imaging Spectrometer (AVIRIS) system over the World Trade Center (WTC) in New York, five days after the terrorist attacks that collapsed the two main towers in the WTC complex.

  5. Clusters versus GPUs for Parallel Target and Anomaly Detection in Hyperspectral Images

    Directory of Open Access Journals (Sweden)

    Paz Abel

    2010-01-01

    Remotely sensed hyperspectral sensors provide image data containing rich information in both the spatial and the spectral domain, and this information can be used to address detection tasks in many applications. In many surveillance applications, the size of the objects (targets) searched for constitutes a very small fraction of the total search area and the spectral signatures associated to the targets are generally different from those of the background, hence the targets can be seen as anomalies. In hyperspectral imaging, many algorithms have been proposed for automatic target and anomaly detection. Given the dimensionality of hyperspectral scenes, these techniques can be time-consuming and difficult to apply in applications requiring real-time performance. In this paper, we develop several new parallel implementations of automatic target and anomaly detection algorithms. The proposed parallel algorithms are quantitatively evaluated using hyperspectral data collected by the NASA's Airborne Visible Infra-Red Imaging Spectrometer (AVIRIS) system over the World Trade Center (WTC) in New York, five days after the terrorist attacks that collapsed the two main towers in the WTC complex.

  6. Security awareness for public bus transportation : case studies of attacks against the Israeli public bus system.

    Science.gov (United States)

    2012-03-01

    This report presents 16 case studies of attacks planned or carried out against Israeli bus targets, along with statistical data on the number, frequency, and lethality of attacks against bus targets that have taken place in Israel since 1970 and duri...

  7. Robustness of non-interdependent and interdependent networks against dependent and adaptive attacks

    Science.gov (United States)

    Tyra, Adam; Li, Jingtao; Shang, Yilun; Jiang, Shuo; Zhao, Yanjun; Xu, Shouhuai

    2017-09-01

    Robustness of complex networks has been extensively studied via the notion of site percolation, which typically models independent and non-adaptive attacks (or disruptions). However, real-life attacks are often dependent and/or adaptive. This motivates us to characterize the robustness of complex networks, including non-interdependent and interdependent ones, against dependent and adaptive attacks. For this purpose, dependent attacks are accommodated by L-hop percolation where the nodes within some L-hop (L ≥ 0) distance of a chosen node are all deleted during one attack (with L = 0 degenerating to site percolation). Whereas, adaptive attacks are launched by attackers who can make node-selection decisions based on the network state in the beginning of each attack. The resulting characterization enriches the body of knowledge with new insights, such as: (i) the Achilles' Heel phenomenon is only valid for independent attacks, but not for dependent attacks; (ii) powerful attack strategies (e.g., targeted attacks and dependent attacks, dependent attacks and adaptive attacks) are not compatible and cannot help the attacker when used collectively. Our results shed some light on the design of robust complex networks.

  8. Directional R-Loop Formation by the CRISPR-Cas Surveillance Complex Cascade Provides Efficient Off-Target Site Rejection

    Directory of Open Access Journals (Sweden)

    Marius Rutkauskas

    2015-03-01

    CRISPR-Cas systems provide bacteria and archaea with adaptive immunity against foreign nucleic acids. In type I CRISPR-Cas systems, invading DNA is detected by a large ribonucleoprotein surveillance complex called Cascade. The crRNA component of Cascade is used to recognize target sites in foreign DNA (protospacers) by formation of an R-loop driven by base-pairing complementarity. Using single-molecule supercoiling experiments with near base-pair resolution, we probe here the mechanism of R-loop formation and detect short-lived R-loop intermediates on off-target sites bearing single mismatches. We show that R-loops propagate directionally starting from the protospacer-adjacent motif (PAM). Upon reaching a mismatch, R-loop propagation stalls and collapses in a length-dependent manner. This unambiguously demonstrates that directional zipping of the R-loop accomplishes efficient target recognition by rapidly rejecting binding to off-target sites with PAM-proximal mutations. R-loops that reach the protospacer end become locked to license DNA degradation by the auxiliary Cas3 nuclease/helicase without further target verification.

  9. Risk based surveillance for vector borne diseases

    DEFF Research Database (Denmark)

    Bødker, Rene

    of samples and hence early detection of outbreaks. Models for vector borne diseases in Denmark have demonstrated dramatic variation in outbreak risk during the season and between years. The Danish VetMap project aims to make these risk based surveillance estimates available on the veterinarians smart phones...... in Northern Europe. This model approach may be used as a basis for risk based surveillance. In risk based surveillance limited resources for surveillance are targeted at geographical areas most at risk and only when the risk is high. This makes risk based surveillance a cost effective alternative...... sample to a diagnostic laboratory. Risk based surveillance models may reduce this delay. An important feature of risk based surveillance models is their ability to continuously communicate the level of risk to veterinarians and hence increase awareness when risk is high. This is essential for submission...

  10. Robustness analysis of interdependent networks under multiple-attacking strategies

    Science.gov (United States)

    Gao, Yan-Li; Chen, Shi-Ming; Nie, Sen; Ma, Fei; Guan, Jun-Jie

    2018-04-01

    The robustness of complex networks under attacks largely depends on the structure of a network and the nature of the attacks. Previous research on interdependent networks has focused on two types of initial attack: random attack and degree-based targeted attack. In this paper, a deliberate attack function is proposed, where six kinds of deliberate attacking strategies can be derived by adjusting the tunable parameters. Moreover, the robustness of four types of interdependent networks (BA-BA, ER-ER, BA-ER and ER-BA) with different coupling modes (random, positive and negative correlation) is evaluated under different attacking strategies. Interesting conclusions could be obtained. It can be found that the positive coupling mode can make the vulnerability of the interdependent network to be absolutely dependent on the most vulnerable sub-network under deliberate attacks, whereas random and negative coupling modes make the vulnerability of interdependent network to be mainly dependent on the being attacked sub-network. The robustness of interdependent network will be enhanced with the degree-degree correlation coefficient varying from positive to negative. Therefore, the negative coupling mode is relatively more optimal than others, which can substantially improve the robustness of the ER-ER network and ER-BA network. In terms of the attacking strategies on interdependent networks, the degree information of node is more valuable than the betweenness. In addition, we found a more efficient attacking strategy for each coupled interdependent network and proposed the corresponding protection strategy for suppressing cascading failure. Our results can be very useful for safety design and protection of interdependent networks.

  11. Targeted surveillance for highly pathogenic avian influenza in migratory waterfowl across the conterminous United States: chapter 12

    Science.gov (United States)

    Farnsworth, Matthew L.; Kendall, William L.; Doherty, Paul F.; Miller, Ryan S.; White, Gary C.; Nichols, James D.; Burnham, Kenneth P.; Franklin, Alan B.; Majumdar, S.; Brenner, F.J.; Huffman, J.E.; McLean, R.G.; Panah, A.I.; Pietrobon, P.J.; Keeler, S.P.; Shive, S.

    2011-01-01

    Introduction of Asian strain H5N1 Highly Pathogenic avian influenza via waterfowl migration is one potential route of entry into the United States. In conjunction with state, tribe, and laboratory partners, the United States Department of Agriculture collected and tested 124,603 wild bird samples in 2006 as part of a national surveillance effort. A sampling plan was devised to increase the probability of detecting Asian strain H5N1 at a national scale. Band recovery data were used to identify and prioritize sampling for wild migratory waterfowl, resulting in spatially targeted sampling recommendations focused on reads with high numbers of recoveries. We also compared the spatial and temporal distribution of the 2006 cloacal and fecal waterfowl sampling effort to the bird banding recovery data and found concordance between the two. Finally, we present improvements made to the 2007 fecal sampling component of the surveillance plan and suggest further improvements for future sampling.

  12. Miniature Blimps for Surveillance and Collection of Samples

    Science.gov (United States)

    Jones, Jack

    2004-01-01

    Miniature blimps are under development as robots for use in exploring the thick, cold, nitrogen atmosphere of Saturn's moon, Titan. Similar blimps can also be used for surveillance and collection of biochemical samples in buildings, caves, subways, and other, similar structures on Earth. The widely perceived need for means to thwart attacks on buildings and to mitigate the effects of such attacks has prompted consideration of the use of robots. Relative to rover-type (wheeled) robots that have been considered for such uses, miniature blimps offer the advantage of ability to move through the air in any direction and, hence, to perform tasks that are difficult or impossible for wheeled robots, including climbing stairs and looking through windows. In addition, miniature blimps are expected to have greater range and to cost less, relative to wheeled robots.

  13. Social Engineering Attack Detection Model: SEADMv2

    CSIR Research Space (South Africa)

    Mouton, F

    2015-10-01

    link in the security chain. A social engineering attack targets this weakness by using various manipulation techniques to elicit individuals to perform sensitive requests. The field of social engineering is still in its infancy as far as formal...

  14. Monitoring and reporting attacks on education in the Democratic Republic of the Congo and Somalia.

    Science.gov (United States)

    Bennouna, Cyril; van Boetzelaer, Elburg; Rojas, Lina; Richard, Kinyera; Karume, Gang; Nshombo, Marius; Roberts, Leslie; Boothby, Neil

    2018-04-01

    The United Nations' Monitoring and Reporting Mechanism is charged with documenting six grave violations against children in a time of conflict, including attacks on schools. Many of these incidents, however, remain unreported across the globe. This study explores whether or not a local knowledge base of education and child protection actors in North and South Kivu Provinces, Democratic Republic of the Congo, and in Mogadishu, Somalia, could contribute to a more complete record of attacks on education in those areas. Hundreds of semi-structured interviews were conducted with key informants across the three settings, and in total 432 attacks on education were documented. Purposive samples of these reports were verified and a large majority was confirmed. Local non-governmental organisations and education institutions were most knowledgeable about these incidents, but most never reported them to a monitoring authority. The study concludes that attack surveillance and response were largely insufficient, and recommends investing in mechanisms that utilise local knowledge to address these shortcomings. © 2018 The Author(s). Disasters © Overseas Development Institute, 2018.

  15. Legal Issues in Cyber Targeting

    DEFF Research Database (Denmark)

    Juhlin, Jonas Alastair

    Imagine this scenario: Two states are in armed conflict with each other. In order to gain an advantage, one side launches a cyber-attack against the opponent’s computer network. The malicious malware paralyzes the military computer network, as intended, but the malware spreads into the civilian...... system with physical damage to follow. This can happen and the natural question arises: What must be considered lawful targeting according to the international humanitarian law in cyber warfare? What steps must an attacker take to minimize the damage done to unlawful targets when conducting an offensive...... operation? How can the attacker separate military targets from civilian targets in cyber space? This paper addresses these questions and argues that a network (civilian or military) consists of several software components and that it is the individual components that are the target. If the components are used...

  16. Validation Method of a Telecommunications Blackout Attack

    National Research Council Canada - National Science Library

    Amado, Joao; Nunes, Paulo

    2005-01-01

    ..., and to obtain the maximum disruptive effect over the services. The proposed method uses a top-down approach, starting on the service level and ending on the different network elements that can be identified in the end as the targets for the attack.

  17. Life-threatening asthma attack during prolonged fingolimod treatment: case report

    Directory of Open Access Journals (Sweden)

    Zecca C

    2014-07-01

    Chiara Zecca,1,* Matteo Caporro,1,* Sandor Györik,2 Claudio Gobbi1. 1 Neurocenter of Southern Switzerland, Department of Neurology, Ospedale Regionale di Lugano, Lugano, Switzerland; 2 Department of Internal Medicine, Ospedale Regionale di Bellinzona, Bellinzona, Switzerland. * These authors contributed equally to this work. Background: Fingolimod (FTY) mediates bronchoconstriction by interacting with sphingosine-1-phosphate receptors. The majority of the reported adverse respiratory events occur during the first weeks of treatment. Case presentation: A 49-year-old woman developed a life-threatening asthma attack after 6 months of continuous FTY treatment. The adverse event required prolonged hospitalization, and the patient recovered without sequelae after FTY interruption. A history of previous airway hyperreactivity and a concurrent viral respiratory infection possibly acted as predisposing factors. Conclusion: This first description of a severe, life-threatening asthma attack during prolonged FTY treatment suggests the need for long-term clinical surveillance, especially in patients with known predisposing factors. Keywords: multiple sclerosis, bronchial hyper-reactivity

  18. Vulnerabilities of the security of nuclear material due to cyber attacks

    International Nuclear Information System (INIS)

    Daschil, F.

    2002-01-01

    Full text: The spread of new communication and computer technologies is now the potential for a dedicated, sophisticated adversary to conduct coordinated strikes against the computers, communications systems, and databases of nuclear material security systems. All weapons of cyber war, like viruses, Trojans, access to computer systems are potential risks for the security of nuclear material. New forms of destruction of electronic devices, e.g. Transient Electromagnetic Devices (TED), that could, in the hands of enemies, criminals, or terrorists, pose a significant threat to nuclear safety infrastructure components that are based on micro-circuits and computer or micro-processor control. These examples show the necessity to clearly identify possible risks as: information and communication based disorders and other disruptions and attacks; partial or complete failure of systems causing the risk of unexpected reaction or unmanageable situations; cracking of access codes and elimination of alarm equipment could give easy access to nuclear material; computer manipulation or complete computer and system takeover due to brute force attacks, viruses, Trojans and worms could lead to malfunctions, disruptions and nuclear disasters; computer spying and brute force attacks could give detailed information about technical, organizational and organizational data; combined actions of physical, electronic and computer attacks. The paper gives an overview of potential computer and communication safety gaps and points out strategic implications as the identification of the critical infrastructure, surveillance of computer systems, data access and communication paths. The basic necessity of the development of computer and communication breakdown backup systems as well as measures of precaution against cyber attacks is shown in the paper. (author)

  19. Network resilience against intelligent attacks constrained by the degree-dependent node removal cost

    International Nuclear Information System (INIS)

    Annibale, A; Coolen, A C C; Bianconi, G

    2010-01-01

    We study the resilience of complex networks against attacks in which nodes are targeted intelligently, but where disabling a node has a cost to the attacker which depends on its degree. Attackers have to meet these costs with limited resources, which constrains their actions. A network's integrity is quantified in terms of the efficacy of the process that it supports. We calculate how the optimal attack strategy and the most attack-resistant network degree statistics depend on the node removal cost function and the attack resources. The resilience of networks against intelligent attacks is found to depend strongly on the node removal cost function faced by the attacker. In particular, if node removal costs increase sufficiently fast with the node degree, power law networks are found to be more resilient than Poissonian ones, even against optimized intelligent attacks. For cost functions increasing quadratically in the node degrees, intelligent attackers cannot damage the network more than random damages would.

  20. Protecting Accelerator Control Systems in the Face of Sophisticated Cyber Attacks

    International Nuclear Information System (INIS)

    Hartman, Steven M.

    2012-01-01

    Cyber security for industrial control systems has received significant attention in the past two years. The news coverage of the Stuxnet attack, believed to be targeted at the control system for a uranium enrichment plant, brought the issue to the attention of news media and policy makers. This has led to increased scrutiny of control systems for critical infrastructure such as power generation and distribution, and industrial systems such as chemical plants and petroleum refineries. The past two years have also seen targeted network attacks aimed at corporate and government entities including US Department of Energy National Laboratories. Both of these developments have potential repercussions for the control systems of particle accelerators. The need to balance risks from potential attacks with the operational needs of an accelerator presents a unique challenge for the system architecture and access model.

  1. Energy-aware scheduling of surveillance in wireless multimedia sensor networks.

    Science.gov (United States)

    Wang, Xue; Wang, Sheng; Ma, Junjie; Sun, Xinyao

    2010-01-01

    Wireless sensor networks involve a large number of sensor nodes with limited energy supply, which impacts the behavior of their application. In wireless multimedia sensor networks, sensor nodes are equipped with audio and visual information collection modules. Multimedia contents are ubiquitously retrieved in surveillance applications. To solve the energy problems during target surveillance with wireless multimedia sensor networks, an energy-aware sensor scheduling method is proposed in this paper. Sensor nodes which acquire acoustic signals are deployed randomly in the sensing fields. Target localization is based on the signal energy feature provided by multiple sensor nodes, employing particle swarm optimization (PSO). During the target surveillance procedure, sensor nodes are adaptively grouped in a totally distributed manner. Specifically, the target motion information is extracted by a forecasting algorithm, which is based on the hidden Markov model (HMM). The forecasting results are utilized to awaken sensor nodes in the vicinity of the future target position. According to the two properties, signal energy feature and residual energy, the sensor nodes decide whether to participate in target detection separately with a fuzzy control approach. Meanwhile, the local routing scheme of data transmission towards the observer is discussed. Experimental results demonstrate the efficiency of energy-aware scheduling of surveillance in wireless multimedia sensor networks, where significant energy saving is achieved by the sensor awakening approach and data transmission paths are calculated with low computational complexity.

  2. A Global Cancer Surveillance Framework Within Noncommunicable Disease Surveillance: Making the Case for Population-Based Cancer Registries.

    Science.gov (United States)

    Piñeros, Marion; Znaor, Ariana; Mery, Les; Bray, Freddie

    2017-01-01

    The growing burden of cancer among several major noncommunicable diseases (NCDs) requires national implementation of tailored public health surveillance. For many emerging economies where emphasis has traditionally been placed on the surveillance of communicable diseases, it is critical to understand the specificities of NCD surveillance and, within it, of cancer surveillance. We propose a general framework for cancer surveillance that permits monitoring the core components of cancer control. We examine communalities in approaches to the surveillance of other major NCDs as well as communicable diseases, illustrating key differences in the function, coverage, and reporting in each system. Although risk factor surveys and vital statistics registration are the foundation of surveillance of NCDs, population-based cancer registries play a unique fundamental role specific to cancer surveillance, providing indicators of population-based incidence and survival. With an onus now placed on governments to collect these data as part of the monitoring of NCD targets, the integration of cancer registries into existing and future NCD surveillance strategies is a vital requirement in all countries worldwide. The Global Initiative for Cancer Registry Development, endorsed by the World Health Organization, provides a means to enhance cancer surveillance capacity in low- and middle-income countries. © The Author 2017. Published by Oxford University Press on behalf of the Johns Hopkins Bloomberg School of Public Health. All rights reserved. For permissions, please e-mail: journals.permissions@oup.com.

  3. Weight Stigma Goes Viral on the Internet: Systematic Assessment of YouTube Comments Attacking Overweight Men and Women.

    Science.gov (United States)

    Jeon, Yongwoog Andrew; Hale, Brent; Knackmuhs, Eric; Mackert, Michael

    2018-03-20

    Anonymous verbal attacks against overweight individuals on social media are common and widespread. These comments often use negative, misogynist, or derogatory words, which stigmatize the targeted individuals with obesity. These verbal attacks may cause depression in overweight individuals, which could subsequently promote unhealthy eating behavior (ie, binge eating) and further weight gain. To develop an intervention policy and strategies that tackle the anonymous, Web-based verbal attacks, a thorough understanding of the comments is necessary. This study aimed to examine how anonymous users verbally attack or defend overweight individuals in terms of 3 themes: (1) topic of verbal attack (ie, what aspects of overweight individuals are verbally attacked), (2) gender of commenters and targeted overweight individuals, and (3) intensity of derogation depending on the targeted gender (ie, the number of swear words used within comments). This study analyzed the content of YouTube comments that discuss overweight individuals or groups from 2 viral videos, titled "Fat Girl Tinder Date" and "Fat Guy Tinder Date." The twin videos provide an avenue through which to analyze discussions of obesity as they organically occurred in a contemporary setting. We randomly sampled and analyzed 320 comments based on a coding instrument developed for this study. First, there were twice as many comments verbally attacking overweight individuals (n=174) than comments defending them (n=89). Second, overweight women are attacked for their capacities (eg, laziness, maturity; 14/51, 28%), whereas overweight men are attacked for their heterosocial skills (eg, rudeness, annoyance; 24/29, 83%). Third, the majority of commenters who attacked overweight women are male (42/52, 81%). Fourth, attacking comments generated toward overweight women included more swear words (mean 0.44, SD 0.77) than those targeting men (mean 0.23, SD 0.48). Our data elucidate a worrying situation of frequent disinhibited

  4. Weight Stigma Goes Viral on the Internet: Systematic Assessment of YouTube Comments Attacking Overweight Men and Women

    Science.gov (United States)

    Hale, Brent; Knackmuhs, Eric; Mackert, Michael

    2018-01-01

    Background: Anonymous verbal attacks against overweight individuals on social media are common and widespread. These comments often use negative, misogynist, or derogatory words, which stigmatize the targeted individuals with obesity. These verbal attacks may cause depression in overweight individuals, which could subsequently promote unhealthy eating behavior (ie, binge eating) and further weight gain. To develop an intervention policy and strategies that tackle the anonymous, Web-based verbal attacks, a thorough understanding of the comments is necessary. Objective: This study aimed to examine how anonymous users verbally attack or defend overweight individuals in terms of 3 themes: (1) topic of verbal attack (ie, what aspects of overweight individuals are verbally attacked), (2) gender of commenters and targeted overweight individuals, and (3) intensity of derogation depending on the targeted gender (ie, the number of swear words used within comments). Methods: This study analyzed the content of YouTube comments that discuss overweight individuals or groups from 2 viral videos, titled “Fat Girl Tinder Date” and “Fat Guy Tinder Date.” The twin videos provide an avenue through which to analyze discussions of obesity as they organically occurred in a contemporary setting. We randomly sampled and analyzed 320 comments based on a coding instrument developed for this study. Results: First, there were twice as many comments verbally attacking overweight individuals (n=174) than comments defending them (n=89). Second, overweight women are attacked for their capacities (eg, laziness, maturity; 14/51, 28%), whereas overweight men are attacked for their heterosocial skills (eg, rudeness, annoyance; 24/29, 83%). Third, the majority of commenters who attacked overweight women are male (42/52, 81%). Fourth, attacking comments generated toward overweight women included more swear words (mean 0.44, SD 0.77) than those targeting men (mean 0.23, SD 0.48). Conclusions: Our data

  5. Optimal Attack Strategies Subject to Detection Constraints Against Cyber-Physical Systems

    International Nuclear Information System (INIS)

    Chen, Yuan; Kar, Soummya; Moura, Jose M. F.

    2017-01-01

    This paper studies an attacker against a cyberphysical system (CPS) whose goal is to move the state of a CPS to a target state while ensuring that his or her probability of being detected does not exceed a given bound. The attacker’s probability of being detected is related to the nonnegative bias induced by his or her attack on the CPS’s detection statistic. We formulate a linear quadratic cost function that captures the attacker’s control goal and establish constraints on the induced bias that reflect the attacker’s detection-avoidance objectives. When the attacker is constrained to be detected at the false-alarm rate of the detector, we show that the optimal attack strategy reduces to a linear feedback of the attacker’s state estimate. In the case that the attacker’s bias is upper bounded by a positive constant, we provide two algorithms – an optimal algorithm and a sub-optimal, less computationally intensive algorithm – to find suitable attack sequences. Lastly, we illustrate our attack strategies in numerical examples based on a remotely-controlled helicopter under attack.

  6. Phase-remapping attack in practical quantum-key-distribution systems

    International Nuclear Information System (INIS)

    Fung, Chi-Hang Fred; Qi, Bing; Lo, Hoi-Kwong; Tamaki, Kiyoshi

    2007-01-01

    Quantum key distribution (QKD) can be used to generate secret keys between two distant parties. Even though QKD has been proven unconditionally secure against eavesdroppers with unlimited computation power, practical implementations of QKD may contain loopholes that may lead to the generated secret keys being compromised. In this paper, we propose a phase-remapping attack targeting two practical bidirectional QKD systems (the 'plug-and-play' system and the Sagnac system). We showed that if the users of the systems are unaware of our attack, the final key shared between them can be compromised in some situations. Specifically, we showed that, in the case of the Bennett-Brassard 1984 (BB84) protocol with ideal single-photon sources, when the quantum bit error rate (QBER) is between 14.6% and 20%, our attack renders the final key insecure, whereas the same range of QBER values has been proved secure if the two users are unaware of our attack; also, we demonstrated three situations with realistic devices where positive key rates are obtained without the consideration of Trojan horse attacks but in fact no key can be distilled. We remark that our attack is feasible with only current technology. Therefore, it is very important to be aware of our attack in order to ensure absolute security. In finding our attack, we minimize the QBER over individual measurements described by a general POVM, which has some similarity with the standard quantum state discrimination problem

  7. Multi-Camera Persistent Surveillance Test Bed

    National Research Council Canada - National Science Library

    Baran, David; O'Brien, Barry; Fung, Nick; Kovach, Jesse; Miller, David

    2007-01-01

    .... Small reconnaissance surveillance and target acquisition (RSTA) platforms have the ability to cooperate through information sharing to increase the situational awareness over a region of interest (RSTA...

  8. Modeling attacking of high skills volleyball players

    Directory of Open Access Journals (Sweden)

    Vladimir Gamaliy

    2014-12-01

    Purpose: to determine the model indicators of technical and tactical actions in the attack of highly skilled volleyball players. Material and Methods: the study used statistical data of major international competitions: Olympic Games – 2012, World Championships – 2010, World League – 2010–2014, European Championship – 2010–2014. A total of 130 games were analyzed. Methods were used: analysis and generalization of scientific and methodological literature, analysis of competitive activity of highly skilled volleyball players, teacher observation, modeling technical and tactical actions in attacking of highly skilled volleyball players. Results: it was found that the largest volume of application of technical and tactical actions in the attack belongs to the group tactics «supple movement», whose indicator is 21,3%. The smallest amount of application belongs to the group tactics «flight level» model whose indicators is 5,4%, the efficiency of 3,4%, respectively. It is found that the power service in the jump from model parameters used in 51,6% of cases, the planning targets – 21,7% and 4,4% planning to reduce. Attacks performed with the back line, on model parameters used in the amount of 20,8% efficiency – 13,7%. Conclusions: we prove that the performance of technical and tactical actions in the attack can be used as model in the control system of training and competitive process of highly skilled volleyball players

  9. Sleep Deprivation Attack Detection in Wireless Sensor Network

    Science.gov (United States)

    Bhattasali, Tapalina; Chaki, Rituparna; Sanyal, Sugata

    2012-02-01

    Deployment of a sensor network in a hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where the target of the intruder is to maximize the power consumption of sensor nodes, so that their lifetime is minimized. Most of the existing works on sleep deprivation attack detection involve a lot of overhead, leading to poor throughput. The need of the day is to design a model for detecting intrusions accurately in an energy efficient manner. This paper proposes a hierarchical framework based on a distributed collaborative mechanism for detecting sleep deprivation torture in wireless sensor networks efficiently. The proposed model uses an anomaly detection technique in two steps to reduce the probability of false intrusion.

  10. Terminal attack trajectories of peregrine falcons are described by the proportional navigation guidance law of missiles.

    Science.gov (United States)

    Brighton, Caroline H; Thomas, Adrian L R; Taylor, Graham K

    2017-12-19

    The ability to intercept uncooperative targets is key to many diverse flight behaviors, from courtship to predation. Previous research has looked for simple geometric rules describing the attack trajectories of animals, but the underlying feedback laws have remained obscure. Here, we use GPS loggers and onboard video cameras to study peregrine falcons, Falco peregrinus, attacking stationary targets, maneuvering targets, and live prey. We show that the terminal attack trajectories of peregrines are not described by any simple geometric rule as previously claimed, and instead use system identification techniques to fit a phenomenological model of the dynamical system generating the observed trajectories. We find that these trajectories are best (and exceedingly well) modeled by the proportional navigation (PN) guidance law used by most guided missiles. Under this guidance law, turning is commanded at a rate proportional to the angular rate of the line-of-sight between the attacker and its target, with a constant of proportionality (i.e., feedback gain) called the navigation constant (N). Whereas most guided missiles use navigation constants falling on the interval 3 ≤ N ≤ 5, peregrine attack trajectories are best fitted by lower navigation constants (median N law could find use in small visually guided drones designed to remove other drones from protected airspace. Copyright © 2017 the Author(s). Published by PNAS.

  11. Defending majority voting systems against a strategic attacker

    International Nuclear Information System (INIS)

    Levitin, Gregory; Hausken, Kjell; Ben Haim, Hanoch

    2013-01-01

    Voting systems used in technical and tactical decision making in pattern recognition and target detection, data handling, signal processing, distributed and secure computing etc. are considered. A maxmin two period game is analyzed where the defender first protects and chooses units for participation in voting. The attacker thereafter attacks a subset of units. It is shown that when the defender protects all the voting units, the optimal number of units chosen for voting is either one or the maximal possible odd number. When the defender protects only the units chosen for voting, the optimal number of chosen units increases with the defender resource superiority (i.e., more resources than the attacker) and with probability of providing correct output by any unit. The system success probability always increases in the total number of voting units, the defender–attacker resource ratio, and the probability that each voting unit produces a correct output. The system success probability increases in the attacker–defender contest intensity if the defender achieves per-unit resource superiority, and otherwise decreases in the contest intensity. The presented model and enumerative algorithm allow obtaining optimal voting system defense strategy for any combination of parameters: total number of units, attack and defense resources, unit success probability and contest intensity.

  12. Active animal health surveillance in European Union Member States: gaps and opportunities.

    Science.gov (United States)

    Bisdorff, B; Schauer, B; Taylor, N; Rodríguez-Prieto, V; Comin, A; Brouwer, A; Dórea, F; Drewe, J; Hoinville, L; Lindberg, A; Martinez Avilés, M; Martínez-López, B; Peyre, M; Pinto Ferreira, J; Rushton, J; VAN Schaik, G; Stärk, K D C; Staubach, C; Vicente-Rubiano, M; Witteveen, G; Pfeiffer, D; Häsler, B

    2017-03-01

    Animal health surveillance enables the detection and control of animal diseases including zoonoses. Under the EU-FP7 project RISKSUR, a survey was conducted in 11 EU Member States and Switzerland to describe active surveillance components in 2011 managed by the public or private sector and identify gaps and opportunities. Information was collected about hazard, target population, geographical focus, legal obligation, management, surveillance design, risk-based sampling, and multi-hazard surveillance. Two countries were excluded due to incompleteness of data. Most of the 664 components targeted cattle (26·7%), pigs (17·5%) or poultry (16·0%). The most common surveillance objectives were demonstrating freedom from disease (43·8%) and case detection (26·8%). Over half of components applied risk-based sampling (57·1%), but mainly focused on a single population stratum (targeted risk-based) rather than differentiating between risk levels of different strata (stratified risk-based). About a third of components were multi-hazard (37·3%). Both risk-based sampling and multi-hazard surveillance were used more frequently in privately funded components. The study identified several gaps (e.g. lack of systematic documentation, inconsistent application of terminology) and opportunities (e.g. stratified risk-based sampling). The greater flexibility provided by the new EU Animal Health Law means that systematic evaluation of surveillance alternatives will be required to optimize cost-effectiveness.

  13. Attack Methodology Analysis: Emerging Trends in Computer-Based Attack Methodologies and Their Applicability to Control System Networks

    Energy Technology Data Exchange (ETDEWEB)

    Bri Rolston

    2005-06-01

    Threat characterization is a key component in evaluating the threat faced by control systems. Without a thorough understanding of the threat faced by critical infrastructure networks, adequate resources cannot be allocated or directed effectively to the defense of these systems. Traditional methods of threat analysis focus on identifying the capabilities and motivations of a specific attacker, assessing the value the adversary would place on targeted systems, and deploying defenses according to the threat posed by the potential adversary. Too many effective exploits and tools exist and are easily accessible to anyone with access to an Internet connection, minimal technical skills, and a significantly reduced motivational threshold to be able to narrow the field of potential adversaries effectively. Understanding how hackers evaluate new IT security research and incorporate significant new ideas into their own tools provides a means of anticipating how IT systems are most likely to be attacked in the future. This research, Attack Methodology Analysis (AMA), could supply pertinent information on how to detect and stop new types of attacks. Since the exploit methodologies and attack vectors developed in the general Information Technology (IT) arena can be converted for use against control system environments, assessing areas in which cutting edge exploit development and remediation techniques are occurring can provide significant intelligence for control system network exploitation, defense, and a means of assessing threat without identifying specific capabilities of individual opponents. Attack Methodology Analysis begins with the study of what exploit technology and attack methodologies are being developed in the Information Technology (IT) security research community within the black and white hat community. Once a solid understanding of the cutting edge security research is established, emerging trends in attack methodology can be identified and the gap between

  14. Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers

    NARCIS (Netherlands)

    Pieters, Wolter; Davarynejad, Mohsen

    2015-01-01

    Attack trees are a well-known formalism for quantitative analysis of cyber attacks consisting of multiple steps and alternative paths. It is possible to derive properties of the overall attacks from properties of individual steps, such as cost for the attacker and probability of success. However, in

  15. Security of Linear Secret-Sharing Schemes Against Mass Surveillance

    DEFF Research Database (Denmark)

    Giacomelli, Irene; Olimid, Ruxandra; Ranellucci, Samuel

    2015-01-01

    by a proprietary code that the provider (“big brother”) could manipulate to covertly violate the privacy of the users (by implementing Algorithm-Substitution Attacks or ASAs). First, we formalize the security notion that expresses the goal of big brother and prove that for any linear secret-sharing scheme...... there exists an undetectable subversion of it that efficiently allows surveillance. Second, we formalize the security notion that assures that a sharing scheme is secure against ASAs and construct the first sharing scheme that meets this notion....

  16. Accurate Sybil Attack Detection Based on Fine-Grained Physical Channel Information

    Directory of Open Access Journals (Sweden)

    Chundong Wang

    2018-03-01

    With the development of the Internet-of-Things (IoT), wireless network security has more and more attention paid to it. The Sybil attack is one of the famous wireless attacks that can forge wireless devices to steal information from clients. These forged devices may constantly attack target access points to crush the wireless network. In this paper, we propose a novel Sybil attack detection based on Channel State Information (CSI). This detection algorithm can tell whether the static devices are Sybil attackers by combining a self-adaptive multiple signal classification algorithm with the Received Signal Strength Indicator (RSSI). Moreover, we develop a novel tracing scheme to cluster the channel characteristics of mobile devices and detect dynamic attackers that change their channel characteristics in an error area. Finally, we experiment on mobile and commercial WiFi devices. Our algorithm can effectively distinguish the Sybil devices. The experimental results show that our Sybil attack detection system achieves high accuracy for both static and dynamic scenarios. Therefore, combining the phase and similarity of channel features, the multi-dimensional analysis of CSI can effectively detect Sybil nodes and improve the security of wireless networks.

  17. Accurate Sybil Attack Detection Based on Fine-Grained Physical Channel Information.

    Science.gov (United States)

    Wang, Chundong; Zhu, Likun; Gong, Liangyi; Zhao, Zhentang; Yang, Lei; Liu, Zheli; Cheng, Xiaochun

    2018-03-15

    With the development of the Internet-of-Things (IoT), wireless network security has more and more attention paid to it. The Sybil attack is one of the famous wireless attacks that can forge wireless devices to steal information from clients. These forged devices may constantly attack target access points to crush the wireless network. In this paper, we propose a novel Sybil attack detection based on Channel State Information (CSI). This detection algorithm can tell whether the static devices are Sybil attackers by combining a self-adaptive multiple signal classification algorithm with the Received Signal Strength Indicator (RSSI). Moreover, we develop a novel tracing scheme to cluster the channel characteristics of mobile devices and detect dynamic attackers that change their channel characteristics in an error area. Finally, we experiment on mobile and commercial WiFi devices. Our algorithm can effectively distinguish the Sybil devices. The experimental results show that our Sybil attack detection system achieves high accuracy for both static and dynamic scenarios. Therefore, combining the phase and similarity of channel features, the multi-dimensional analysis of CSI can effectively detect Sybil nodes and improve the security of wireless networks.

  18. Intelligent agents for adaptive security market surveillance

    Science.gov (United States)

    Chen, Kun; Li, Xin; Xu, Baoxun; Yan, Jiaqi; Wang, Huaiqing

    2017-05-01

    Market surveillance systems have increasingly gained in usage for monitoring trading activities in stock markets to maintain market integrity. Existing systems primarily focus on the numerical analysis of market activity data and generally ignore textual information. To fulfil the requirements of information-based surveillance, a multi-agent-based architecture that uses agent intercommunication and incremental learning mechanisms is proposed to provide a flexible and adaptive inspection process. A prototype system is implemented using the techniques of text mining and rule-based reasoning, among others. Based on experiments in the scalping surveillance scenario, the system can identify target information evidence up to 87.50% of the time and automatically identify 70.59% of cases depending on the constraints on the available information sources. The results of this study indicate that the proposed information surveillance system is effective. This study thus contributes to the market surveillance literature and has significant practical implications.

  19. Netwar

    Science.gov (United States)

    Keen, Arthur A.

    2006-04-01

    This paper describes technology being developed at 21st Century Technologies to automate Computer Network Operations (CNO). CNO refers to DoD activities related to Attacking and Defending Computer Networks (CNA & CND). Next generation cyber threats are emerging in the form of powerful Internet services and tools that automate intelligence gathering, planning, testing, and surveillance. We will focus on "Search-Engine Hacks", queries that can retrieve lists of router/switch/server passwords, control panels, accessible cameras, software keys, VPN connection files, and vulnerable web applications. Examples include "Titan Rain" attacks against DoD facilities and the Santy worm, which identifies vulnerable sites by searching Google for URLs containing application-specific strings. This trend will result in increasingly sophisticated and automated intelligence-driven cyber attacks coordinated across multiple domains that are difficult to defeat or even understand with current technology. One traditional method of CNO relies on surveillance detection as an attack predictor. Unfortunately, surveillance detection is difficult because attackers can perform search engine-driven surveillance such as with Google Hacks, and avoid touching the target site. Therefore, attack observables represent only about 5% of the attacker's total attack time, and are inadequate to provide warning. In order to predict attacks and defend against them, CNO must also employ more sophisticated techniques and work to understand the attacker's Motives, Means and Opportunities (MMO). CNO must use automated reconnaissance tools, such as Google, to identify information vulnerabilities, and then utilize Internet tools to observe the intelligence gathering, planning, testing, and collaboration activities that represent 95% of the attacker's effort.

  20. Detection of Variations of Local Irregularity of Traffic under DDOS Flood Attack

    Directory of Open Access Journals (Sweden)

    Ming Li

    2008-01-01

    The aim of distributed denial-of-service (DDOS) flood attacks is to overwhelm the attacked site or to make its service performance deteriorate considerably by sending flood packets to the target from machines distributed all over the world. This is a kind of local behavior of traffic at the protected site because the attacked site can be recovered to its normal service state sooner or later even though it is in reality overwhelmed during attack. From a view of mathematics, it can be taken as a kind of short-range phenomenon in computer networks. In this paper, we use the Hurst parameter (H) to measure the local irregularity or self-similarity of traffic under DDOS flood attack provided that fractional Gaussian noise (fGn) is used as the traffic model. As flood attack packets of DDOS make the H value of arrival traffic vary significantly away from that of traffic normally arriving at the protected site, we discuss a method to statistically detect signs of DDOS flood attacks with predetermined detection probability and false alarm probability.

  1. Defense Against Rocket Attacks in the Presence of False Cues

    National Research Council Canada - National Science Library

    Harari, Lior

    2008-01-01

    Rocket attacks on civilian and military targets, from both Hezbollah (South Lebanon) and Hamas (Gaza strip) have been causing a major operational problem for the Israeli Defense Force for over two decades...

  2. Bluetooth security attacks comparative analysis, attacks, and countermeasures

    CERN Document Server

    Haataja, Keijo; Pasanen, Sanna; Toivanen, Pekka

    2013-01-01

    This overview of Bluetooth security examines network vulnerabilities and offers a comparative analysis of recent security attacks. It also examines related countermeasures and proposes a novel attack that works against all existing Bluetooth versions.

  3. Sustainable Monitoring and Surveillance Systems to Improve HIV Programs: Review.

    Science.gov (United States)

    Low-Beer, Daniel; Mahy, Mary; Renaud, Francoise; Calleja, Txema

    2018-04-24

    HIV programs have provided a major impetus for investments in surveillance data, with 5-10% of HIV program budgets recommended to support data. However there are questions concerning the sustainability of these investments. The Sustainable Development Goals have consolidated health into one goal and communicable diseases into one target (Target 3.3). Sustainable Development Goals now introduce targets focused specifically on data (Targets 17.18 and 17.19). Data are seen as one of the three systemic issues (in Goal 17) for implementing Sustainable Development Goals, alongside policies and partnerships. This paper reviews the surveillance priorities in the context of the Sustainable Development Goals and highlights the shift from periodic measurement towards sustainable disaggregated, real-time, case, and patient data, which are used routinely to improve programs. Finally, the key directions in developing person-centered monitoring systems are assessed with country examples. The directions contribute to the Sustainable Development Goal focus on people-centered development applied to data. ©Daniel Low-Beer, Mary Mahy, Francoise Renaud, Txema Calleja. Originally published in JMIR Public Health and Surveillance (http://publichealth.jmir.org), 24.04.2018.

  4. Towards One Health disease surveillance: The Southern African Centre for Infectious Disease Surveillance approach

    Directory of Open Access Journals (Sweden)

    Esron D. Karimuribo

    2012-06-01

    Africa has the highest burden of infectious diseases in the world and yet the least capacity for its risk management. It has therefore become increasingly important to search for ‘fit-for-purpose’ approaches to infectious disease surveillance and thereby targeted disease control. The fact that the majority of human infectious diseases are originally of animal origin means we have to consider One Health (OH) approaches which require inter-sectoral collaboration for custom-made infectious disease surveillance in the endemic settings of Africa. A baseline survey was conducted to assess the current status and performance of human and animal health surveillance systems and subsequently a strategy towards OH surveillance system was developed. The strategy focused on assessing the combination of participatory epidemiological approaches and the deployment of mobile technologies to enhance the effectiveness of disease alerts and surveillance at the point of occurrence, which often lies in remote areas. We selected three study sites, namely the Ngorongoro, Kagera River basin and Zambezi River basin ecosystems. We have piloted and introduced the next-generation Android mobile phones running the EpiCollect application developed by Imperial College to aid geo-spatial and clinical data capture and transmission of this data from the field to the remote Information Technology (IT) servers at the research hubs for storage, analysis, feedback and reporting. We expect that the combination of participatory epidemiology and technology will significantly improve OH disease surveillance in southern Africa.

  5. Towards one health disease surveillance: the Southern African Centre for Infectious Disease Surveillance approach.

    Science.gov (United States)

    Karimuribo, Esron D; Sayalel, Kuya; Beda, Eric; Short, Nick; Wambura, Philemon; Mboera, Leonard G; Kusiluka, Lughano J M; Rweyemamu, Mark M

    2012-06-20

    Africa has the highest burden of infectious diseases in the world and yet the least capacity for its risk management. It has therefore become increasingly important to search for 'fit-for-purpose' approaches to infectious disease surveillance and thereby targeted disease control. The fact that the majority of human infectious diseases are originally of animal origin means we have to consider One Health (OH) approaches which require inter-sectoral collaboration for custom-made infectious disease surveillance in the endemic settings of Africa. A baseline survey was conducted to assess the current status and performance of human and animal health surveillance systems and subsequently a strategy towards OH surveillance system was developed. The strategy focused on assessing the combination of participatory epidemiological approaches and the deployment of mobile technologies to enhance the effectiveness of disease alerts and surveillance at the point of occurrence, which often lies in remote areas. We selected three study sites, namely the Ngorongoro, Kagera River basin and Zambezi River basin ecosystems. We have piloted and introduced the next-generation Android mobile phones running the EpiCollect application developed by Imperial College to aid geo-spatial and clinical data capture and transmission of this data from the field to the remote Information Technology (IT) servers at the research hubs for storage, analysis, feedback and reporting. We expect that the combination of participatory epidemiology and technology will significantly improve OH disease surveillance in southern Africa.

  6. Defending IEEE 802.11-Based Networks Against Denial Of Service Attacks

    National Research Council Canada - National Science Library

    Tan, Boon

    2003-01-01

    ...) attacks targeting its management and media access protocols. Computer simulation models have proven to be effective tools in the study of cause and effect in numerous fields. This thesis involved the design and implementation of an IEEE 802.11-based simulation model using OMNeT++, to investigate the effects of different types of DoS attacks on an IEEE 802.11 network, and the effectiveness of corresponding countermeasures.

  7. The Effects of Denial-of-Service Attacks on Secure Time-Critical Communications in the Smart Grid

    Energy Technology Data Exchange (ETDEWEB)

    Zhang, Fengli [Univ. of Arkansas, Fayetteville, AR (United States)]; Li, Qinghua [Univ. of Arkansas, Fayetteville, AR (United States)]; Mantooth, Homer Alan [Univ. of Arkansas, Fayetteville, AR (United States)]; Ross, Chase [Univ. of Arkansas, Fayetteville, AR (United States)]; Yang, Jing [Univ. of Arkansas, Fayetteville, AR (United States)]; Di, Jia [Univ. of Arkansas, Fayetteville, AR (United States)]; Balda, Juan Carlos [Univ. of Arkansas, Fayetteville, AR (United States)]

    2016-04-02

    According to IEC 61850, many smart grid communications require messages to be delivered in a very short time: trip messages and sample values applied to the transmission level within 3 ms, and interlocking messages applied to the distribution level within 10 ms. Time-critical communications are vulnerable to denial-of-service (DoS) attacks. Flooding attack: the attacker floods many messages to the target network/machine. We conducted a systematic, experimental study of how DoS attacks affect message delivery delays.

  8. Information Systems to Support Surveillance for Malaria Elimination

    Science.gov (United States)

    Ohrt, Colin; Roberts, Kathryn W.; Sturrock, Hugh J. W.; Wegbreit, Jennifer; Lee, Bruce Y.; Gosling, Roly D.

    2015-01-01

    Robust and responsive surveillance systems are critical for malaria elimination. The ideal information system that supports malaria elimination includes: rapid and complete case reporting, incorporation of related data, such as census or health survey information, central data storage and management, automated and expert data analysis, and customized outputs and feedback that lead to timely and targeted responses. Spatial information enhances such a system, ensuring cases are tracked and mapped over time. Data sharing and coordination across borders are vital and new technologies can improve data speed, accuracy, and quality. Parts of this ideal information system exist and are in use, but have yet to be linked together coherently. Malaria elimination programs should support the implementation and refinement of information systems to support surveillance and response and ensure political and financial commitment to maintain the systems and the human resources needed to run them. National malaria programs should strive to improve the access and utility of these information systems and establish cross-border data sharing mechanisms through the use of standard indicators for malaria surveillance. Ultimately, investment in the information technologies that support a timely and targeted surveillance and response system is essential for malaria elimination. PMID:26013378

  9. Intelligent video surveillance systems and technology

    CERN Document Server

    Ma, Yunqian

    2009-01-01

    From the streets of London to subway stations in New York City, hundreds of thousands of surveillance cameras ubiquitously collect hundreds of thousands of videos, often running 24/7. How can such vast volumes of video data be stored, analyzed, indexed, and searched? How can advanced video analysis and systems autonomously recognize people and detect targeted activities in real time? Collating and presenting the latest information, Intelligent Video Surveillance: Systems and Technology explores these issues, from fundamental principles to algorithmic design and system implementation. An Integrated

  10. A Chronology of Attacks on and Unlawful Interferences with, Offshore Oil and Gas Installations, 1975 – 2010

    Directory of Open Access Journals (Sweden)

    Mikhail Kashubsky

    2011-12-01

    Throughout its history, the oil and gas industry has been a subject of environmental protests, labour disputes, tensions with local communities, and it has also been a target of various violent activities ranging from vandalism to political violence, which have impinged on the security of oil industry workers and interfered with operational activities of oil companies on numerous occasions. Although a considerable number of attacks on oil and gas infrastructure occurred over the course of the industry’s existence, most of those attacks were directed against onshore petroleum targets. Compared to onshore petroleum infrastructure, attacks on offshore oil and gas installations are relatively rare. The following chronology provides details of attacks, unlawful interferences, and security incidents involving offshore oil and gas installations that happened between 1975 and 2010.

  11. Limited attacks on the United States and the Soviet Union

    International Nuclear Information System (INIS)

    Levi, B.; Hippel, F. von.

    1987-01-01

    This report is focused on calculations carried out at Princeton University of the consequences of so-called "limited" nuclear attacks by the USA and the USSR on one another - primarily because such scenarios seem to be motivating the acquisition of new nuclear weapons. The conclusions were: The use of only a fraction of the destructive capacity in USA and Soviet nuclear arsenals could have catastrophic consequences to humankind. Although the primary justification of the tens of thousands of nuclear warheads in USA and Soviet arsenals is their potential use against military targets, the most commonly discussed potential large-scale military uses of these weapons - in attacks against the nuclear weapons of the other side - would result in tens of millions of civilian casualties. Certainly, if a first strike resulted in such a huge civilian toll, there could be little assurance of restraint in the response of the country that was attacked. The use of even 1% of the strategic arsenals of the USSR or the USA against the population, military industry or strategic-nuclear targets of the other nation could result in tens of millions of casualties. 17 refs, 6 figs, 5 tabs

  12. The role of supplementary environmental surveillance to complement acute flaccid paralysis surveillance for wild poliovirus in Pakistan - 2011-2013.

    Directory of Open Access Journals (Sweden)

    Tori L Cowger

    More than 99% of poliovirus infections are non-paralytic and therefore, not detected by acute flaccid paralysis (AFP) surveillance. Environmental surveillance (ES) can detect circulating polioviruses from sewage without relying on clinical presentation. With extensive ES and continued circulation of polioviruses, Pakistan presents a unique opportunity to quantify the impact of ES as a supplement to AFP surveillance on overall completeness and timeliness of poliovirus detection. Genetic, geographic and temporal data were obtained for all wild poliovirus (WPV) isolates detected in Pakistan from January 2011 through December 2013. We used viral genetics to assess gaps in AFP surveillance and ES as measured by detection of 'orphan viruses' (≥1.5% different in VP1 capsid nucleotide sequence). We compared preceding detection of closely related circulating isolates (≥99% identity) detected by AFP surveillance or ES to determine which surveillance system first detected circulation before the presentation of each polio case. A total of 1,127 WPV isolates were detected by AFP surveillance and ES in Pakistan from 2011-2013. AFP surveillance and ES combined exhibited fewer gaps (i.e., % orphan viruses) in detection than AFP surveillance alone (3.3% vs. 7.7%, respectively). ES detected circulation before AFP surveillance in nearly 60% of polio cases (200 of 346). For polio cases reported from provinces conducting ES, ES detected circulation nearly four months sooner on average (117.6 days) than did AFP surveillance. Our findings suggest ES in Pakistan is providing earlier, more sensitive detection of wild polioviruses than AFP surveillance alone. Overall, targeted ES through strategic selection of sites has important implications in the eradication endgame strategy.

  13. Effective Proactive and Reactive Defense Strategies against Malicious Attacks in a Virtualized Honeynet

    Directory of Open Access Journals (Sweden)

    Frank Yeong-Sung Lin

    2013-01-01

    Virtualization plays an important role in the recent trend of cloud computing. It allows the administrator to manage and allocate hardware resources flexibly. However, it also causes some security issues. This is a critical problem for service providers, who simultaneously strive to defend against malicious attackers while providing legitimate users with high quality service. In this paper, the attack-defense scenario is formulated as a mathematical model where the defender applies both proactive and reactive defense mechanisms against attackers with different attack strategies. In order to simulate real-world conditions, the attackers are assumed to have incomplete information and imperfect knowledge of the target network. This raises the difficulty of solving the model greatly, by turning the problem nondeterministic. After examining the experiment results, effective proactive and reactive defense strategies are proposed. This paper finds that a proactive defense strategy is suitable for dealing with aggressive attackers under “winner takes all” circumstances, while a reactive defense strategy works better in defending against less aggressive attackers under “fight to win or die” circumstances.

  14. Autonomous soaring and surveillance in wind fields with an unmanned aerial vehicle

    Science.gov (United States)

    Gao, Chen

    Small unmanned aerial vehicles (UAVs) play an active role in developing a low-cost, low-altitude autonomous aerial surveillance platform. The success of the applications needs to address the challenge of limited on-board power plant that limits the endurance performance in surveillance mission. This thesis studies the mechanics of soaring flight, observed in nature where birds utilize various wind patterns to stay airborne without flapping their wings, and investigates its application to small UAVs in their surveillance missions. In a proposed integrated framework of soaring and surveillance, a bird-mimicking soaring maneuver extracts energy from surrounding wind environment that improves surveillance performance in terms of flight endurance, while the surveillance task not only covers the target area, but also detects energy sources within the area to allow for potential soaring flight. The interaction of soaring and surveillance further enables novel energy based, coverage optimal path planning. Two soaring and associated surveillance strategies are explored. In a so-called static soaring surveillance, the UAV identifies spatially-distributed thermal updrafts for soaring, while incremental surveillance is achieved through gliding flight to visit concentric expanding regions. A Gaussian-process-regression-based algorithm is developed to achieve computationally-efficient and smooth updraft estimation. In a so-called dynamic soaring surveillance, the UAV performs one cycle of dynamic soaring to harvest energy from the horizontal wind gradient to complete one surveillance task by visiting from one target to the next one. A Dubins-path-based trajectory planning approach is proposed to maximize wind energy extraction and ensure smooth transition between surveillance tasks. 
    Finally, a nonlinear trajectory tracking controller is designed for a full six-degree-of-freedom nonlinear UAV dynamics model and extensive simulations are carried out to demonstrate the effectiveness of

  15. Distinguishing attack and second-preimage attack on encrypted message authentication codes (EMAC)

    Science.gov (United States)

    Ariwibowo, Sigit; Windarta, Susila

    2016-02-01

    In this paper we show that a distinguisher on CBC-MAC can be applied to the Encrypted Message Authentication Code (EMAC) scheme. The EMAC scheme in general is vulnerable to distinguishing attacks and second-preimage attacks. In a distinguishing attack simulation on AES-EMAC using 225 message modifications, no collisions were found. In the second-preimage attack simulation on AES-EMAC, no collision was found between the EMAC values of S1 and S2, i.e. no second preimage was found for the messages that were tested. In the distinguishing attack simulation on truncated AES-EMAC we found a collision in every message; therefore we cannot distinguish truncated AES-EMAC from a random function. The second-preimage attack is successfully performed on truncated AES-EMAC.

  16. Accounting for spatially heterogeneous conditions in local-scale surveillance strategies: case study of the biosecurity insect pest, grape phylloxera (Daktulosphaira vitifoliae (Fitch)).

    Science.gov (United States)

    Triska, Maggie D; Powell, Kevin S; Collins, Cassandra; Pearce, Inca; Renton, Michael

    2018-04-29

    Surveillance strategies are often standardized and completed on grid patterns to detect pest incursions quickly; however, it may be possible to improve surveillance through more targeted surveillance that accounts for landscape heterogeneity, dispersal and the habitat requirements of the invading organism. We simulated pest spread at a local-scale, using grape phylloxera (Daktulosphaira vitifoliae (Fitch)) as a case study, and assessed the influence of incorporating spatial heterogeneity into surveillance strategies compared to current, standard surveillance strategies. Time to detection, spread within and spread beyond the vineyard were reduced by conducting surveys that target sampling effort in soil that is highly suitable to the invading pest in comparison to standard surveillance strategies. However, these outcomes were dependent on the virulence level of phylloxera as phylloxera is a complex pest with multiple genotypes that influence spread and detectability. Targeting surveillance strategies based on local-scale spatial heterogeneity can decrease the time to detection without increasing the survey cost and surveillance that targets highly suitable soil is the most efficient strategy for detecting new incursions. Additionally, combining targeted surveillance strategies with buffer zones and hygiene procedures, and updating surveillance strategies as additional species information becomes available, will further decrease the risk of pest spread. This article is protected by copyright. All rights reserved.

  17. An approach to Identify the Risk Induced by Cyber-Attack on the Non-safety NPP I and C System

    Energy Technology Data Exchange (ETDEWEB)

    Kim, Hee Eun; Kang, Hyun Gook [KAIST, Daejeon (Korea, Republic of)]; Kim, Jong Hyun [Chosun University, Gwangju (Korea, Republic of)]; Son, Han Sung [Joonbu University, Geumsan (Korea, Republic of)]

    2016-05-15

    In this study, influence of the attack on the non-safety system will be investigated, because the cyber-attack on the safety system cannot be accomplished easily. To identify the risk from cyber-attack, the result of PSA will be applied. Cyber-attack may cause other risks except for the core damage. Those risks also can be identified by applying this method. This study could be reinforced in a more realistic way if the information on the maintenance is considered, because certain type of cyber-attack could be detected during the maintenance. Also, possible set of wrong actions need to be selected, based on the knowledge of I and C system and its vulnerabilities because the hacker might not attack every information. To obtain the realistic result information that can be manipulated need to be listed, because the hacker may not attack certain information, not to be detected during the maintenance. In addition, by using the result of this study, the test plan for the cyber-attack can be suggested. If the scenario is given, the criteria for the test target selection can be obtained. It includes the target component and information.

  18. An approach to Identify the Risk Induced by Cyber-Attack on the Non-safety NPP I and C System

    International Nuclear Information System (INIS)

    Kim, Hee Eun; Kang, Hyun Gook; Kim, Jong Hyun; Son, Han Sung

    2016-01-01

    In this study, influence of the attack on the non-safety system will be investigated, because the cyber-attack on the safety system cannot be accomplished easily. To identify the risk from cyber-attack, the result of PSA will be applied. Cyber-attack may cause other risks except for the core damage. Those risks also can be identified by applying this method. This study could be reinforced in a more realistic way if the information on the maintenance is considered, because certain type of cyber-attack could be detected during the maintenance. Also, possible set of wrong actions need to be selected, based on the knowledge of I and C system and its vulnerabilities because the hacker might not attack every information. To obtain the realistic result information that can be manipulated need to be listed, because the hacker may not attack certain information, not to be detected during the maintenance. In addition, by using the result of this study, the test plan for the cyber-attack can be suggested. If the scenario is given, the criteria for the test target selection can be obtained. It includes the target component and information

  19. Systematic review of electronic surveillance of infectious diseases with emphasis on antimicrobial resistance surveillance in resource-limited settings.

    Science.gov (United States)

    Rattanaumpawan, Pinyo; Boonyasiri, Adhiratha; Vong, Sirenda; Thamlikitkul, Visanu

    2018-02-01

    Electronic surveillance of infectious diseases involves rapidly collecting, collating, and analyzing vast amounts of data from interrelated multiple databases. Although many developed countries have invested in electronic surveillance for infectious diseases, the system still presents a challenge for resource-limited health care settings. We conducted a systematic review by performing a comprehensive literature search on MEDLINE (January 2000-December 2015) to identify studies relevant to electronic surveillance of infectious diseases. Study characteristics and results were extracted and systematically reviewed by 3 infectious disease physicians. A total of 110 studies were included. Most surveillance systems were developed and implemented in high-income countries; less than one-quarter were conducted in low-or middle-income countries. Information technologies can be used to facilitate the process of obtaining laboratory, clinical, and pharmacologic data for the surveillance of infectious diseases, including antimicrobial resistance (AMR) infections. These novel systems require greater resources; however, we found that using electronic surveillance systems could result in shorter times to detect targeted infectious diseases and improvement of data collection. This study highlights a lack of resources in areas where an effective, rapid surveillance system is most needed. The availability of information technology for the electronic surveillance of infectious diseases, including AMR infections, will facilitate the prevention and containment of such emerging infectious diseases. Copyright © 2018 Association for Professionals in Infection Control and Epidemiology, Inc. Published by Elsevier Inc. All rights reserved.

  20. Effective teaming of airborne and ground assets for surveillance and interdiction

    OpenAIRE

    Muratore, Mark J.

    2010-01-01

    Approved for public release; distribution is unlimited. As Unmanned Aerial Vehicles (UAVs) become more prevalent on the battlefield, ground forces will have to increasingly rely on them for intelligence, surveillance, and reconnaissance (ISR), as well as target marking, and overwatch operations. The Situational Awareness for Surveillance and Interdiction Operations (SASIO) simulation analysis tool uses Design of Experiments (DOX) to study aspects of UAV surveillance characteristics in co...

  1. A Super-resolution Reconstruction Algorithm for Surveillance Video

    Directory of Open Access Journals (Sweden)

    Jian Shao

    2017-01-01

    Recent technological developments have resulted in surveillance video becoming a primary method of preserving public security. Many city crimes are observed in surveillance video. The most abundant evidence collected by the police is also acquired through surveillance video sources. Surveillance video footage offers very strong support for solving criminal cases, therefore, creating an effective policy, and applying useful methods to the retrieval of additional evidence is becoming increasingly important. However, surveillance video has had its failings, namely, video footage being captured in low resolution (LR) and bad visual quality. In this paper, we discuss the characteristics of surveillance video and describe the manual feature registration – maximum a posteriori – projection onto convex sets to develop a super-resolution reconstruction method, which improves the quality of surveillance video. From this method, we can make optimal use of information contained in the LR video image, but we can also control the image edge clearly as well as the convergence of the algorithm. Finally, we make a suggestion on how to adjust the algorithm adaptability by analyzing the prior information of target image.

  2. HIV surveillance in complex emergencies.

    Science.gov (United States)

    Salama, P; Dondero, T J

    2001-04-01

    Many studies have shown a positive association between both migration and temporary expatriation and HIV risk. This association is likely to be similar or even more pronounced for forced migrants. In general, HIV transmission in host-migrant or host-forced-migrant interactions depends on the maturity of the HIV epidemic in both the host and the migrant population, the relative seroprevalence of HIV in the host and the migrant population, the prevalence of other sexually transmitted infections (STIs) that may facilitate transmission, and the level of sexual interaction between the two communities. Complex emergencies are the major cause of mass population movement today. In complex emergencies, additional factors such as sexual interaction between forced-migrant populations and the military; sexual violence; increasing commercial sex work; psychological trauma; and disruption of preventive and curative health services may increase the risk for HIV transmission. Despite recent success in preventing HIV infection in stable populations in selected developing countries, internally displaced persons and refugees (or forced migrants) have not been systematically included in HIV surveillance systems, nor consequently in prevention activities. Standard surveillance systems that rely on functioning health services may not provide useful data in many complex emergency settings. Secondary sources can provide some information in these settings. Little attempt has been made, however, to develop innovative HIV surveillance systems in countries affected by complex emergencies. Consequently, data on the HIV epidemic in these countries are scarce and HIV prevention programs are either not implemented or interventions are not effectively targeted. Second generation surveillance methods such as cross-sectional, population-based surveys can provide rapid information on HIV, STIs, and sexual behavior. The risks for stigmatization and breaches of confidentiality must be recognized

  3. Quantifying short-term foraging movements in a marsupial pest to improve targeted lethal control and disease surveillance.

    Science.gov (United States)

    Yockney, Ivor J; Latham, M Cecilia; Rouco, Carlos; Cross, Martin L; Nugent, Graham

    2015-01-01

    In New Zealand, the introduced marsupial brushtail possum (Trichosurus vulpecula) is a pest species subject to control measures, primarily to limit its ability to transmit bovine tuberculosis (TB) to livestock and for conservation protection. To better define parameters for targeted possum control and TB surveillance, we here applied a novel approach to analyzing GPS data obtained from 44 possums fitted with radio-tracking collars, producing estimates of the animals' short-term nocturnal foraging patterns based on 1-, 3- or 5-nights' contiguous data. Studies were conducted within two semi-arid montane regions of New Zealand's South Island High Country: these regions support low-density possum populations (control) or monitoring devices (for TB surveillance), set for > 3 consecutive nights at 150 m interval spacings, would likely place >95% of the possums in this type of habitat at risk of encountering these devices, year-round. Modelling control efficacy against operational expenditure, based on these estimations, identified the relative cost-effectiveness of various strategies that could be applied to a typical aerial poisoning operation, to reduce the ongoing TB vectorial risk that possums pose in the High Country regions. These habitat-specific findings are likely to be more relevant than the conventional pest control and monitoring methodologies developed for possums in their more typical forested habitat.

  4. Cooperating attackers in neural cryptography.

    Science.gov (United States)

    Shacham, Lanir N; Klein, Einat; Mislovaty, Rachel; Kanter, Ido; Kinzel, Wolfgang

    2004-06-01

    A successful attack strategy in neural cryptography is presented. The neural cryptosystem, based on synchronization of neural networks by mutual learning, has been recently shown to be secure under different attack strategies. The success of the advanced attacker presented here, called the "majority-flipping attacker," does not decay with the parameters of the model. This attacker's outstanding success is due to its using a group of attackers which cooperate throughout the synchronization process, unlike any other attack strategy known. An analytical description of this attack is also presented, and fits the results of simulations.

  5. Crony Attack: Strategic Attack’s Silver Bullet

    Science.gov (United States)

    2006-11-01

    physical assets or financial assets. The form of crony attack that most closely resembles classic strategic attack is to deny, degrade, or destroy a money...February 1951. Reprinted in Airpower Studies Coursebook, Air Command and Staff College, Maxwell AFB, AL, 2002, 152–58. Hirsch, Michael. “NATO’s Game of

  6. Mixed-Signal Hardware Security: Attacks and Countermeasures for ΔΣ ADC

    Directory of Open Access Journals (Sweden)

    Shayan Taheri

    2017-08-01

    Mixed-signal integrated circuits (ICs) play an eminent and critical role in design and development of the embedded systems leveraged within smart weapons and military systems. These ICs can be a golden target for adversaries to compromise in order to function maliciously. In this work, we study the security aspects of a tunnel field effect transistor (TFET)-based first-order one-bit delta-sigma (ΔΣ) analog to digital converter (ADC) through proposing four attack and one defense models. The first attack manipulates the input signal to the ΔΣ modulator. The second attack manipulates the analog version of the modulator output bit and is triggered by the noise signal. The third attack manipulates the modulator output bit and has a controllable trigger mechanism. The fourth attack manipulates the analog version of the modulator output bit and is triggered by a victim capacitance within the chip. For the defense, a number of signal processing filters are used in order to purge the analog version of the modulator output bit for elimination of the malicious unwanted features, introduced by the attacks. According to the simulation results, the second threat model displays the strongest attack. Derived from the countermeasure evaluation, the best filter to confront the threat models is the robust regression using the least absolute residual computing method.

  7. Omen: identifying potential spear-phishing targets before the email is sent.

    Energy Technology Data Exchange (ETDEWEB)

    Wendt, Jeremy Daniel.

    2013-07-01

    We present the results of a two year project focused on a common social engineering attack method called "spear phishing". In a spear phishing attack, the user receives an email with information specifically focused on the user. This email contains either a malware-laced attachment or a link to download the malware that has been disguised as a useful program. Spear phishing attacks have been one of the most effective avenues for attackers to gain initial entry into a target network. This project focused on a proactive approach to spear phishing. To create an effective, user-specific spear phishing email, the attacker must research the intended recipient. We believe that much of the information used by the attacker is provided by the target organization's own external website. Thus when researching potential targets, the attacker leaves signs of his research in the webserver's logs. We created tools and visualizations to improve cybersecurity analysts' abilities to quickly understand a visitor's visit patterns and interests. Given these suspicious visitors and log-parsing tools, analysts can more quickly identify truly suspicious visitors, search for potential spear-phishing targeted users, and improve security around those users before the spear phishing email is sent.

  8. Information systems to support surveillance for malaria elimination.

    Science.gov (United States)

    Ohrt, Colin; Roberts, Kathryn W; Sturrock, Hugh J W; Wegbreit, Jennifer; Lee, Bruce Y; Gosling, Roly D

    2015-07-01

    Robust and responsive surveillance systems are critical for malaria elimination. The ideal information system that supports malaria elimination includes: rapid and complete case reporting, incorporation of related data, such as census or health survey information, central data storage and management, automated and expert data analysis, and customized outputs and feedback that lead to timely and targeted responses. Spatial information enhances such a system, ensuring cases are tracked and mapped over time. Data sharing and coordination across borders are vital and new technologies can improve data speed, accuracy, and quality. Parts of this ideal information system exist and are in use, but have yet to be linked together coherently. Malaria elimination programs should support the implementation and refinement of information systems to support surveillance and response and ensure political and financial commitment to maintain the systems and the human resources needed to run them. National malaria programs should strive to improve the access and utility of these information systems and establish cross-border data sharing mechanisms through the use of standard indicators for malaria surveillance. Ultimately, investment in the information technologies that support a timely and targeted surveillance and response system is essential for malaria elimination. © The American Society of Tropical Medicine and Hygiene.

  9. Surveillance mission planning for UAVs in GPS-denied urban environment

    Science.gov (United States)

    Pengfei, Wang

    In this thesis, the issues involved in the mission planning of UAVs for city surveillance have been studied. In this thesis, the research includes two major parts. Firstly, a mission planning system is developed that generates mission plans for a group of fixed-wing UAVs with on-board gimballed cameras to provide continuous surveillance over an urban area. Secondly, the problem of perching location selection (as part of perch-and-stare surveillance mission) for rotary-wing UAVs in a GPS-denied environment is studied. In this kind of mission, a UAV is dispatched to perch on a roof of a building to keep surveillance on a given target. The proposed algorithms to UAV surveillance mission planning (fixed-wing and rotary-wing) have been implemented and tested. It represents an important step towards achieving autonomous planning in UAV surveillance missions.

  10. Real-time wideband holographic surveillance system

    Science.gov (United States)

    Sheen, D.M.; Collins, H.D.; Hall, T.E.; McMakin, D.L.; Gribble, R.P.; Severtsen, R.H.; Prince, J.M.; Reid, L.D.

    1996-09-17

    A wideband holographic surveillance system including a transceiver for generating a plurality of electromagnetic waves; antenna for transmitting the electromagnetic waves toward a target at a plurality of predetermined positions in space; the transceiver also receiving and converting electromagnetic waves reflected from the target to electrical signals at a plurality of predetermined positions in space; a computer for processing the electrical signals to obtain signals corresponding to a holographic reconstruction of the target; and a display for displaying the processed information to determine nature of the target. The computer has instructions to apply a three dimensional backward wave algorithm. 28 figs.

  11. Composite Dos Attack Model

    Directory of Open Access Journals (Sweden)

    Simona Ramanauskaitė

    2012-04-01

    Preparation for potential threats is one of the most important phases ensuring system security. It allows evaluating possible losses, changes in the attack process, the effectiveness of used countermeasures, optimal system settings, etc. In cyber-attack cases, executing real experiments can be difficult for many reasons. However, mathematical or programming models can be used instead of conducting experiments in a real environment. This work proposes a composite denial of service attack model that combines bandwidth exhaustion, filtering and memory depletion models for a more real representation of similar cyber-attacks. On the basis of the introduced model, different experiments were done. They showed the main dependencies of the influence of attacker and victim’s properties on the success probability of denial of service attack. In the future, this model can be used for the denial of service attack or countermeasure optimization.

  12. Single and Multiple UAV Cyber-Attack Simulation and Performance Evaluation

    Directory of Open Access Journals (Sweden)

    Ahmad Y. Javaid

    2015-02-01

    Usage of ground, air and underwater unmanned vehicles (UGV, UAV and UUV) has increased exponentially in the recent past with industries producing thousands of these unmanned vehicles every year. With the ongoing discussion of integration of UAVs in the US National Airspace, the need of a cost-effective way to verify the security and resilience of a group of communicating UAVs under attack has become very important. The answer to this need is a simulation testbed which can be used to simulate the UAV Network (UAVNet). One of these attempts is UAVSim (Unmanned Aerial Vehicle Simulation testbed), developed at the University of Toledo. It has the capability of simulating large UAV networks as well as small UAV networks with large number of attack nodes. In this paper, we analyse the performance of the simulation testbed for two attacks, targeting single and multiple UAVs. Traditional and generic computing resource available in a regular computer laboratory was used. Various evaluation results have been presented and analysed which suggest the suitability of UAVSim for UAVNet attack and swarm simulation applications.

  13. VoIP attacks detection engine based on neural network

    Science.gov (United States)

    Safarik, Jakub; Slachta, Jiri

    2015-05-01

    The security is crucial for any system nowadays, especially communications. One of the most successful protocols in the field of communication over IP networks is Session Initiation Protocol. It is an open-source project used by different kinds of applications, both open-source and proprietary. High penetration and text-based principle made SIP number one target in IP telephony infrastructure, so security of SIP server is essential. To keep up with hackers and to detect potential malicious attacks, security administrator needs to monitor and evaluate SIP traffic in the network. But monitoring and following evaluation could easily overwhelm the security administrator in networks, typically in networks with a number of SIP servers, users and logically or geographically separated networks. The proposed solution lies in automatic attack detection systems. The article covers detection of VoIP attacks through a distributed network of nodes. The gathered data is then analyzed by an aggregation server with an artificial neural network. Artificial neural network means multilayer perceptron network trained with a set of collected attacks. Attack data could also be preprocessed and verified with a self-organizing map. The source data is detected by distributed network of detection nodes. Each node contains a honeypot application and traffic monitoring mechanism. Aggregation of data from each node creates an input for neural networks. The automatic classification on a centralized server with low false positive detection reduces the cost of attack detection resources. The detection system uses modular design for easy deployment in final infrastructure. The centralized server collects and processes detected traffic. It also maintains all detection nodes.

  14. Attack Classification Schema for Smart City WSNs.

    Science.gov (United States)

    Garcia-Font, Victor; Garrigues, Carles; Rifà-Pous, Helena

    2017-04-05

    Urban areas around the world are populating their streets with wireless sensor networks (WSNs) in order to feed incipient smart city IT systems with metropolitan data. In the future smart cities, WSN technology will have a massive presence in the streets, and the operation of municipal services will be based to a great extent on data gathered with this technology. However, from an information security point of view, WSNs can have failures and can be the target of many different types of attacks. Therefore, this raises concerns about the reliability of this technology in a smart city context. Traditionally, security measures in WSNs have been proposed to protect specific protocols in an environment with total control of a single network. This approach is not valid for smart cities, as multiple external providers deploy a plethora of WSNs with different security requirements. Hence, a new security perspective needs to be adopted to protect WSNs in smart cities. Considering security issues related to the deployment of WSNs as a main data source in smart cities, in this article, we propose an intrusion detection framework and an attack classification schema to assist smart city administrators to delimit the most plausible attacks and to point out the components and providers affected by incidents. We demonstrate the use of the classification schema providing a proof of concept based on a simulated selective forwarding attack affecting a parking and a sound WSN.

  15. Attack Classification Schema for Smart City WSNs

    Directory of Open Access Journals (Sweden)

    Victor Garcia-Font

    2017-04-01

    Urban areas around the world are populating their streets with wireless sensor networks (WSNs) in order to feed incipient smart city IT systems with metropolitan data. In the future smart cities, WSN technology will have a massive presence in the streets, and the operation of municipal services will be based to a great extent on data gathered with this technology. However, from an information security point of view, WSNs can have failures and can be the target of many different types of attacks. Therefore, this raises concerns about the reliability of this technology in a smart city context. Traditionally, security measures in WSNs have been proposed to protect specific protocols in an environment with total control of a single network. This approach is not valid for smart cities, as multiple external providers deploy a plethora of WSNs with different security requirements. Hence, a new security perspective needs to be adopted to protect WSNs in smart cities. Considering security issues related to the deployment of WSNs as a main data source in smart cities, in this article, we propose an intrusion detection framework and an attack classification schema to assist smart city administrators to delimit the most plausible attacks and to point out the components and providers affected by incidents. We demonstrate the use of the classification schema providing a proof of concept based on a simulated selective forwarding attack affecting a parking and a sound WSN.

  16. Terrorist Attacks in Mumbai, India, and Implications for U.S. Interests

    National Research Council Canada - National Science Library

    Kronstadt, K. A

    2008-01-01

    On the evening of November 26, 2008, a number of well-trained militants came ashore from the Arabian Sea on small boats and attacked numerous high-profile targets in Mumbai, India, with automatic weapons and explosives...

  17. Active Detection for Exposing Intelligent Attacks in Control Systems

    Energy Technology Data Exchange (ETDEWEB)

    Weerakkody, Sean [Carnegie Mellon Univ., Pittsburgh, PA (United States)]; Ozel, Omur [Carnegie Mellon Univ., Pittsburgh, PA (United States)]; Griffioen, Paul [Carnegie Mellon Univ., Pittsburgh, PA (United States)]; Sinopoli, Bruno [Carnegie Mellon Univ., Pittsburgh, PA (United States)]

    2017-07-01

    In this paper, we consider approaches for detecting integrity attacks carried out by intelligent and resourceful adversaries in control systems. Passive detection techniques are often incorporated to identify malicious behavior. Here, the defender utilizes finely-tuned algorithms to process information and make a binary decision, whether the system is healthy or under attack. We demonstrate that passive detection can be ineffective against adversaries with model knowledge and access to a set of input/output channels. We then propose active detection as a tool to detect attacks. In active detection, the defender leverages degrees of freedom he has in the system to detect the adversary. Specifically, the defender will introduce a physical secret kept hidden from the adversary, which can be utilized to authenticate the dynamics. In this regard, we carefully review two approaches for active detection: physical watermarking at the control input, and a moving target approach for generating system dynamics. We examine practical considerations for implementing these technologies and discuss future research directions.

  18. Heart Attack Recovery FAQs

    Science.gov (United States)

    ... recommendations to make a full recovery. View an animation of a heart attack. Heart Attack Recovery Questions ...

  19. Recent computer attacks via Instant Messaging

    CERN Multimedia

    IT Department

    2008-01-01

    Be cautious of any unexpected messages containing web links even if they appear to come from known contacts. If you happen to click on such a link and if your permission is requested to run or install software, always decline it. Several computers at CERN have recently been broken into by attackers who have tricked users of Instant Messaging applications (e.g. MSN, Yahoo Messenger, etc.) into clicking on web links which appeared to come from known contacts. The links appeared to be photos from ‘friends’ and requested software to be installed. In practice, attacker software was installed and the messages did not come from real contacts. In the past such fake messages were mainly sent by email but now a wider range of applications are being targeted, including Instant Messaging. Cybercriminals are making growing use of fake messages to try to trick you into clicking on Web links which will help them to install malicious software on your computer. Anti-virus software cann...

  20. The results of gynecologic surveillance in families with hereditary nonpolyposis colorectal cancer

    DEFF Research Database (Denmark)

    Ketabi, Zohreh; Gerdes, Anne-Marie; Mosgaard, Berit

    2014-01-01

    Objective. We aimed to estimate the incidence rate of endometrial cancer (EC) and to evaluate the results of EC-surveillance in hereditary nonpolyposis colorectal cancer (HNPCC) families. Methods. All at-risk women recommended for EC-surveillance by the HNPCC-register-2959 women (19,334 women yea...... of having Lynch syndrome. We conclude that EC surveillance should only be targeted at MMR-mutation carriers. (C) 2014 Elsevier Inc. All rights reserved....

  1. Seven Deadliest Wireless Technologies Attacks

    CERN Document Server

    Haines, Brad

    2010-01-01

    How can an information security professional keep up with all of the hacks, attacks, and exploits? One way to find out what the worst of the worst are is to read the seven books in our Seven Deadliest Attacks Series. Not only do we let you in on the anatomy of these attacks but we also tell you how to get rid of them and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve. Attacks featured in this book include: Bluetooth Attacks; Credit Card, Access Card, and Passport Attacks; Bad Encryption

  2. Terrorist targeting and energy security

    Energy Technology Data Exchange (ETDEWEB)

    Toft, Peter; Duero, Arash; Bieliauskas, Arunas [Institute of Energy, Joint Research Center of the European Commission, P.O. Box 2, 1755 ZG Petten (Netherlands)]

    2010-08-15

    Sudden, short-term disruptions seriously endangering energy security can be triggered by a variety of events - among them attacks by terrorists. This study investigates terrorist attack practices against energy infrastructures and discusses how we may understand them. Our results indicate that attacks against energy infrastructures are comparatively few. Also, we find no strong connection between the ideologies of various terrorist groups and their proclivity to attack. In addition, the highly disproportionate number of attacks in a handful of countries highlights the strong geographic concentration of attacks. To explain these findings, we analyze terrorist targeting incentives including intimidation levels, symbolism, attack feasibility, and concerns for stakeholders. We argue that terrorists in general have comparatively few incentives to attack energy supply infrastructures based on our assessment of these factors. Moreover, higher levels of terrorist incidents in states more prone to internal violent conflict may suggest stronger incentives to attack energy infrastructures. When outlining energy security policies, the low frequency of worldwide attacks coupled with the high concentration of attacks in certain unstable countries should be taken into consideration. Energy importing countries could benefit from developing strategies to increase stability in key energy supply and/or transit countries facing risks of internal instability. (author)

  3. SDN-based path hopping communication against eavesdropping attack

    Science.gov (United States)

    Zhang, Chuanhao; Bu, Youjun; Zhao, Zheng

    2016-10-01

    Network eavesdropping is one of the most popular means used by cyber attackers, which has been a severe threat to network communication security. Adversaries could capture and analyze network communication data from network nodes or links, monitor network status and steal sensitive data such as username and password etc. Traditional network usually uses static network configuration, and existing defense methods, including firewall, IDS, IPS etc., cannot prevent eavesdropping, which has no distinguishing characteristic. Network eavesdropping becomes silent during most of the time of the attacking process, which is why it is difficult to discover and to defend. But a successful eavesdropping attack also has its precondition, which is that the target path should be relatively stable and have enough time of duration. So, in order to resolve this problem, it has to work on the network architecture. In this paper, a path hopping communication (PHC) mechanism based on Software Defined Network (SDN) was proposed to solve this problem. In PHC, ends in communication packets as well as the routing paths were changed dynamically. Therefore, the traffic would be distributed to multiple flows and transmitted along different paths, so that network eavesdropping attack could be prevented effectively. It was concluded that PHC was able to increase the overhead of network eavesdropping, as well as the difficulty of communication data recovery.

  4. Target-oriented utility theory for modeling the deterrent effects of counterterrorism

    International Nuclear Information System (INIS)

    Bier, Vicki M.; Kosanoglu, Fuat

    2015-01-01

    Optimal resource allocation in security has been a significant challenge for critical infrastructure protection. Numerous studies use game theory as the method of choice, because of the fact that an attacker can often observe the defender’s investment in security and adapt his choice of strategies accordingly. However, most of these models do not explicitly consider deterrence, with the result that they may lead to wasted resources if less investment would be sufficient to deter an attack. In this paper, we assume that the defender is uncertain about the level of defensive investment that would deter an attack, and use the target-oriented utility to optimize the level of defensive investment, taking into account the probability of deterrence. - Highlights: • We propose a target-oriented utility model for attacker deterrence. • We model attack deterrence as a function of attacker success probability. • We compare target-oriented utility model and conventional game-theoretical model. • Results show that our model results better value of the defender’s objective function. • Results support that defending series systems is more difficult than parallel systems

  5. Survival of the relocated population of the U. S. after a nuclear attack. Final report

    Energy Technology Data Exchange (ETDEWEB)

    Haaland, C.M.; Chester, C.V.; Wigner, E.P.

    1976-06-01

    The feasibility of continued survival after a hypothetical nuclear attack is evaluated for people relocated from high-risk areas during the crisis period before the attack. The attack consists of 6559 MT, of which 5951 MT are ground bursts on military, industrial, and urban targets. Relocated people are assumed to be adequately protected from fallout radiation by shelters of various kinds. The major problems in the postattack situation will be the control of exposure to fallout radiation, and prevention of severe food shortages to several tens of millions of people.

  6. Vulnerability to terrorist attacks in European electricity decarbonisation scenarios: Comparing renewable electricity imports to gas imports

    International Nuclear Information System (INIS)

    Lilliestam, Johan

    2014-01-01

    The decarbonised future European electricity system must remain secure: reliable electricity supply is a prerequisite for the functioning of modern society. Scenarios like Desertec, which partially rely on solar power imports from the Middle East and North Africa, may be attractive for decarbonisation, but raise concerns about terrorists interrupting supply by attacking the long, unprotected transmission lines in the Sahara. In this paper, I develop new methods and assess the European vulnerability to terrorist attacks in the Desertec scenario. I compare this to the vulnerability of today's system and a decarbonisation scenario in which Europe relies on gas imports for electricity generation. I show that the vulnerability of both gas and electricity imports is low, but electricity imports are more vulnerable than gas imports, due to their technical characteristics. Gas outages (and, potentially, resulting blackouts) are the very unlikely consequence even of very high-number attacks against the gas import system, whereas short blackouts are the potential consequence of a few attacks against the import electricity lines. As the impacts of all except extreme attacks are limited, terrorists cannot attack energy infrastructure and cause spectacular, fear-creating outages. Both gas and electricity import infrastructure are thus unattractive and unlikely terrorist targets. - Highlights: • A comparison of terrorism risks of importing solar power and gas for power generation. • Both scenarios show low vulnerability to terrorist attacks. • Within low vulnerabilities, gas imports are less vulnerable than electricity imports. • Causing spectacular, large and long outages is very difficult for attacker. • The attractiveness of gas and power import infrastructure as terrorist target is low

  7. Assessing risk from intelligent attacks: A perspective on approaches

    International Nuclear Information System (INIS)

    Guikema, Seth D.; Aven, Terje

    2010-01-01

    Assessing the uncertainties in and severity of the consequences of intelligent attacks are fundamentally different from risk assessment for accidental events and other phenomena with inherently random failures. Intelligent attacks against a system involve adaptation on the part of the adversary. The probabilities of the initiating events depend on the risk management actions taken, and they may be more difficult to assess due to high degrees of epistemic uncertainty about the motivations and future actions of adversaries. Several fundamentally different frameworks have been proposed for assessing risk from intelligent attacks. These include basing risk assessment and management on game theoretic modelling of attacker actions, using a probabilistic risk analysis (PRA) approach based on eliciting probabilities of different initiating events from appropriate experts, assessing uncertainties beyond probabilities and expected values, and ignoring the probabilities of the attacks and choosing to protect highest valued targets. In this paper we discuss and compare the fundamental assumptions that underlie each of these approaches. We then suggest a new framework that makes the fundamental assumptions underlying the approaches clear to decision makers and presents them with a suite of results from conditional risk analysis methods. Each of the conditional methods presents the risk from a specified set of fundamental assumptions, allowing the decision maker to see the impacts of these assumptions on the risk management strategies considered and to weight the different conditional results with their assessments of the relative likelihood of the different sets of assumptions.

  8. Where can an Insider attack?

    DEFF Research Database (Denmark)

    Probst, Christian W.; Hansen, René Rydhof; Nielson, Flemming

    2006-01-01

    By definition, an insider has better access, is more trusted, and has better information about internal procedures, high-value targets, and potential weak spots in the security, than an outsider. Consequently, an insider attack has the potential to cause significant, even catastrophic, damage...... to the targeted organisation. While the problem is well recognised in the security community as well as in law-enforcement and intelligence communities, the main resort still is to audit log files after the fact. There has been little research into developing models, automated tools......, and techniques for analysing and solving (parts of) the problem. In this paper we first develop a formal model of systems, that can describe real-world scenarios. These high-level models are then mapped to acKlaim, a process algebra with support for access control, that is used to study and analyse properties...

  9. Achievable Rate Estimation of IEEE 802.11ad Visual Big-Data Uplink Access in Cloud-Enabled Surveillance Applications.

    Science.gov (United States)

    Kim, Joongheon; Kim, Jong-Kook

    2016-01-01

    This paper addresses the computation procedures for estimating the impact of interference in 60 GHz IEEE 802.11ad uplink access in order to construct visual big-data database from randomly deployed surveillance camera sensing devices. The acquired large-scale massive visual information from surveillance camera devices will be used for organizing big-data database, i.e., this estimation is essential for constructing centralized cloud-enabled surveillance database. This performance estimation study captures interference impacts on the target cloud access points from multiple interference components generated by the 60 GHz wireless transmissions from nearby surveillance camera devices to their associated cloud access points. With this uplink interference scenario, the interference impacts on the main wireless transmission from a target surveillance camera device to its associated target cloud access point with a number of settings are measured and estimated under the consideration of 60 GHz radiation characteristics and antenna radiation pattern models.

  10. Solidarity under Attack

    DEFF Research Database (Denmark)

    Meret, Susi; Goffredo, Sergio

    2017-01-01

    https://www.opendemocracy.net/can-europe-make-it/susi-meret-sergio-goffredo/solidarity-under-attack

  11. Mass gatherings: A one-stop opportunity to complement global disease surveillance

    Directory of Open Access Journals (Sweden)

    Habida Elachola

    2016-01-01

    Emerging infections including those resulting from the bioterrorist use of infectious agents have indicated the need for global health surveillance. This paper reviews multiple surveillance opportunities presented by mass gatherings (MGs) that align with fundamental questions in epidemiology (why, what, who, where, when and how). Some MGs bring together large, diverse population groups coming from countries with high prevalence of communicable diseases and disparate surveillance capacities. MGs have the potential to exacerbate the transmission dynamics of infectious diseases due to various factors including the high population density and rigor of events, increase in number of people with underlying diseases that predisposes them to disease acquisition, mixing of people from countries or regions with and without efficient disease control efforts, and varying endemicity or existence of communicable diseases in home countries. MGs also have the potential to increase the opportunities for mechanical and even heat-related injuries, morbidity or deaths from accidents, alcohol use, deliberate terrorist attacks with biological agents and/or with explosives and from exacerbation of pre-existing conditions. Responding to these wider range of events may require the use of novel bio-surveillance systems designed to collect data from different sources including electronic and non-electronic medical records from emergency departments and hospitalisations, laboratories, medical examiners, emergency call centres, veterinary, food processors, drinking water systems and even other non-traditional sources such as over-the-counter drug sales and crowd photographs. Well-structured, interoperable real-time surveillance and reporting systems should be integral to MG planning. The increase in magnitude of participants exceeding millions and diversity of people attending MGs can be proactively used to conduct active surveillance of communicable and non

  12. Attack surfaces

    DEFF Research Database (Denmark)

    Gruschka, Nils; Jensen, Meiko

    2010-01-01

    The new paradigm of cloud computing poses severe security risks to its adopters. In order to cope with these risks, appropriate taxonomies and classification criteria for attacks on cloud computing are required. In this work-in-progress paper we present one such taxonomy based on the notion...... of attack surfaces of the cloud computing scenario participants....

  13. Semi-automated reviewing station for IAEA optical surveillance data

    International Nuclear Information System (INIS)

    Darnell, R.A.; Sonnier, C.S.

    1987-01-01

    A study is underway on the use of computer vision technology to assist in visual inspection of optical surveillance data. The IAEA currently uses optical surveillance as one of its principal Containment and Surveillance (C/S) measures. The review process is a very time-consuming and tedious task, due to the large amount of optical surveillance data to be reviewed. For some time, the IAEA has identified as one of its principal needs an automated optical surveillance data reviewing station that assists the reviewer in identifying activities of safeguards interest, such as the movement of a very large spent fuel cask. The present development reviewing station consists of commercially available digital image processing hardware controlled by a personal computer. The areas under study include change detection, target discrimination, tracking, and classification. Several algorithms are being evaluated in each of these areas using recorded video tape of safeguards relevant scenes. The computer vision techniques and current status of the studies are discussed.

  14. The Need for European Surveillance of CDI.

    Science.gov (United States)

    Wiuff, Camilla; Banks, A-Lan; Fitzpatrick, Fidelma; Cottom, Laura

    2018-01-01

    Since the turn of the millennium, the epidemiology of Clostridium difficile infection (CDI) has continued to challenge. Over the last decade there has been a growing awareness that improvements to surveillance are needed. The increasing rate of CDI and emergence of ribotype 027 precipitated the implementation of mandatory national surveillance of CDI in the UK. Changes in clinical presentation, severity of disease, descriptions of new risk factors and the occurrence of outbreaks all emphasised the importance of early diagnosis and surveillance. However, a lack of consensus on case definitions, clinical guidelines and optimal laboratory diagnostics across Europe has led to the underestimation of CDI and impeded comparison between countries. These inconsistencies have prevented the true burden of disease from being appreciated. Acceptance that a multi-country surveillance programme and optimised diagnostic strategies are required not only to detect and control CDI in Europe, but for a better understanding of the epidemiology, has built the foundations for a more robust, unified surveillance. The concerted efforts of the European Centre for Disease Prevention and Control (ECDC) CDI networks have led to the development of an over-arching long-term CDI surveillance strategy for 2014-2020. Fulfilment of the ECDC priorities and targets will no doubt be challenging and will require significant investment; however, the hope is that both a national and Europe-wide picture of CDI will finally be realised.

  15. CCTV Coverage Index Based on Surveillance Resolution and Its Evaluation Using 3D Spatial Analysis

    Directory of Open Access Journals (Sweden)

    Kyoungah Choi

    2015-09-01

    We propose a novel approach to evaluating how effectively a closed circuit television (CCTV) system can monitor a targeted area. With 3D models of the target area and the camera parameters of the CCTV system, the approach produces a surveillance coverage index, which is newly defined in this study as a quantitative measure for surveillance performance. This index indicates the proportion of the space being monitored with a sufficient resolution to the entire space of the target area. It is determined by computing surveillance resolution at every position and orientation, which indicates how closely a specific object can be monitored with a CCTV system. We present full mathematical derivation for the resolution, which depends on the location and orientation of the object as well as the geometric model of a camera. With the proposed approach, we quantitatively evaluated the surveillance coverage of a CCTV system in an underground parking area. Our evaluation process provided various quantitative-analysis results, compelling us to examine the design of the CCTV system prior to its installation and understand the surveillance capability of an existing CCTV system.

  16. Effectiveness of Using Red-Teams to Identify Maritime Security Vulnerabilities to Terrorist Attack

    National Research Council Canada - National Science Library

    Culpepper, Anna

    2004-01-01

    .... Moreover, there have been no attacks on homeland U.S. targets since September 11. The red team concept provides an innovative method to examine these vulnerabilities from the terrorist perspective...

  17. Some scale-free networks could be robust under selective node attacks

    Science.gov (United States)

    Zheng, Bojin; Huang, Dan; Li, Deyi; Chen, Guisheng; Lan, Wenfei

    2011-04-01

    It is a mainstream idea that scale-free network would be fragile under the selective attacks. Internet is a typical scale-free network in the real world, but it never collapses under the selective attacks of computer viruses and hackers. This phenomenon is different from the deduction of the idea above because this idea assumes the same cost to delete an arbitrary node. Hence this paper discusses the behaviors of the scale-free network under the selective node attack with different cost. Through the experiments on five complex networks, we show that the scale-free network is possibly robust under the selective node attacks; furthermore, the more compact the network is, and the larger the average degree is, then the more robust the network is; with the same average degrees, the more compact the network is, the more robust the network is. This result would enrich the theory of the invulnerability of the network, and can be used to build robust social, technological and biological networks, and also has the potential to find the target of drugs.

  18. Assessing the Stability and Robustness of Semantic Web Services Recommendation Algorithms Under Profile Injection Attacks

    Directory of Open Access Journals (Sweden)

    GRANDIN, P. H.

    2014-06-01

    Recommendation systems based on collaborative filtering are open by nature, which makes them vulnerable to profile injection attacks that insert biased evaluations in the system database in order to manipulate recommendations. In this paper we evaluate the stability and robustness of collaborative filtering algorithms applied to semantic web services recommendation when submitted to random and segment profile injection attacks. We evaluated four algorithms: (1) IMEAN, that makes predictions using the average of the evaluations received by the target item; (2) UMEAN, that makes predictions using the average of the evaluation made by the target user; (3) an algorithm based on the k-nearest neighbor (k-NN) method and (4) an algorithm based on the k-means clustering method. The experiments showed that the UMEAN algorithm is not affected by the attacks and that IMEAN is the most vulnerable of all algorithms tested. Nevertheless, both UMEAN and IMEAN have little practical application due to the low precision of their predictions. Among the algorithms with intermediate tolerance to attacks but with good prediction performance, the algorithm based on k-NN proved to be more robust and stable than the algorithm based on k-means.

  19. Seven Deadliest Microsoft Attacks

    CERN Document Server

    Kraus, Rob; Borkin, Mike; Alpern, Naomi

    2010-01-01

    Do you need to keep up with the latest hacks, attacks, and exploits affecting Microsoft products? Then you need Seven Deadliest Microsoft Attacks. This book pinpoints the most dangerous hacks and exploits specific to Microsoft applications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Windows Operating System-Password Attacks Active Directory-Escalat

  20. Enhancing Security and Privacy in Video Surveillance through Role-Oriented Access Control Mechanism

    DEFF Research Database (Denmark)

    Mahmood Rajpoot, Qasim

    sensitive regions, e.g. faces, from the videos. However, very few research efforts have focused on addressing the security aspects of video surveillance data and on authorizing access to this data. Interestingly, while PETs help protect the privacy of individuals, they may also hinder the usefulness....... Pervasive usage of such systems gives substantial powers to those monitoring the videos and poses a threat to the privacy of anyone observed by the system. Aside from protecting privacy from the outside attackers, it is equally important to protect the privacy of individuals from the inside personnel...... involved in monitoring surveillance data to minimize the chances of misuse of the system, e.g. voyeurism. In this context, several techniques to protect the privacy of individuals, called privacy enhancing techniques (PET) have therefore been proposed in the literature which detect and mask the privacy...

  1. False targets vs. redundancy in homogeneous parallel systems

    International Nuclear Information System (INIS)

    Levitin, Gregory; Hausken, Kjell

    2009-01-01

    System defense against natural threats and disasters that have a stochastic nature includes providing redundancy and protecting system elements. The defense against strategic intentional attacks can also include deploying false targets aimed at misleading the attacker. Distribution of the available resources among different defensive means is an important problem that arises in organizing the defense of complex civil infrastructures, industrial systems or military objects. The article considers defense resource allocation in a system exposed to external intentional attack. The expected damage caused by the attack is evaluated as system unsupplied demand. The defender distributes its limited resource between deploying redundant genuine elements and false elements, both of which are targets of attack. The attacker attacks a subset of the elements and distributes its limited resource evenly among the attacked elements. Two cases are considered: in the first one the number of attacked elements and the vulnerability of each genuine element are fixed and the defense resource distribution is determined as a solution of an optimization problem; in the second one the number of attacked elements is the attacker's free choice variable and the element's vulnerability depends on a contest determined by the defender's and attacker's resources allocated to each element. The defender's optimal resource distribution strategy is determined as a solution of a two-period minmax game. It is shown that the optimal number of genuine elements decreases monotonically with the growth of the element cost and vulnerability, whereas the optimal number of false elements demonstrates non-monotonic behavior. The contest intensity is an important factor influencing the optimal defense resource distribution. It cannot be ignored when the defense strategy is determined, and it thus also impacts the attack strategy

  2. On-Line Detection of Distributed Attacks from Space-Time Network Flow Patterns

    National Research Council Canada - National Science Library

    Baras, J. S; Cardenas, A. A; Ramezani, V

    2003-01-01

    .... The directionality of the change in a network flow is assumed to have an objective or target. The particular problem of detecting distributed denial of service attacks from distributed observations is presented as a working framework...

  3. Shooting Alone: The Pre-Attack Experiences and Behaviors of U.S. Solo Mass Murderers.

    Science.gov (United States)

    Gill, Paul; Silver, James; Horgan, John; Corner, Emily

    2017-05-01

    This paper outlines the sociodemographic, developmental, antecedent attack, attack preparation, and commission properties of 115 mass murderers between 1990 and 2014. The results indicate that mass murderer attacks are usually the culmination of a complex mix of personal, political, and social drivers that crystalize at the same time to drive the individual down the path of violent action. We specifically focus upon areas related to prior criminal engagement, leakage, and attack location familiarity. Whether the violence comes to fruition is usually a combination of the availability and vulnerability of suitable targets that suit the heady mix of personal and political grievances and the individual's capability to engage in an attack from both a psychological and technical capability standpoint. Many individual cases share a mixture of unfortunate personal life circumstances coupled with an intensification of beliefs/grievances that later developed into the idea to engage in violence. © 2016 American Academy of Forensic Sciences.

  4. Achievable Rate Estimation of IEEE 802.11ad Visual Big-Data Uplink Access in Cloud-Enabled Surveillance Applications.

    Directory of Open Access Journals (Sweden)

    Joongheon Kim

    This paper addresses the computation procedures for estimating the impact of interference in 60 GHz IEEE 802.11ad uplink access in order to construct visual big-data database from randomly deployed surveillance camera sensing devices. The acquired large-scale massive visual information from surveillance camera devices will be used for organizing big-data database, i.e., this estimation is essential for constructing centralized cloud-enabled surveillance database. This performance estimation study captures interference impacts on the target cloud access points from multiple interference components generated by the 60 GHz wireless transmissions from nearby surveillance camera devices to their associated cloud access points. With this uplink interference scenario, the interference impacts on the main wireless transmission from a target surveillance camera device to its associated target cloud access point with a number of settings are measured and estimated under the consideration of 60 GHz radiation characteristics and antenna radiation pattern models.

  5. Counter-Leadership Targeting and Conflict Termination

    National Research Council Canada - National Science Library

    Taylor, Bradly

    1999-01-01

    .... Can the leader be found? And, is it legal and ethical to attack the leader? Analysis rarely has been conducted to determine whether the targeted organization is vulnerable to Counter Leadership Targeting (CLT...

  6. Moving Target Techniques: Cyber Resilience through Randomization, Diversity, and Dynamism

    Science.gov (United States)

    2017-03-03

    attacks. Simply put, these techniques turn systems into moving targets that will be hard for cyber attackers to compromise. MT techniques leverage...been diversified, they can attack it as if it was not diversified at all. Dynamic Data: Techniques in the dynamic data domain change the format

  7. A fiber Bragg grating acceleration sensor for ground surveillance

    Science.gov (United States)

    Jiang, Shaodong; Zhang, Faxiang; Lv, Jingsheng; Ni, Jiasheng; Wang, Chang

    2017-10-01

    A ground surveillance system is a kind of intelligent monitoring equipment for detecting and tracking ground targets. This paper presents a fiber Bragg grating (FBG) acceleration sensor for ground surveillance, which has the characteristics of no power supply, anti-electromagnetic interference, easy large-scale networking, and small size. These make it able to achieve the advantages of the ground surveillance system while avoiding the shortcomings of electric sensing. The sensor has a double cantilever beam structure with a sensitivity of 1000 pm/g. A field experiment has been carried out on a flood beach to examine the sensor performance. The result shows that the detection distance for walking personnel reaches 70 m, and the detection distance for an ordinary motor vehicle reaches 200 m. The performance of the FBG sensor can satisfy the actual needs of the ground surveillance system.

  8. Underlying Reasons for Success and Failure of Terrorist Attacks: Selected Case Studies

    National Research Council Canada - National Science Library

    McCleskey, Edward; McCord, Diana; Leetz, Jennifer; Markey, John

    2007-01-01

    .... This is the second of a two-phased effort: Phase I focused on assessing the underlying reasons for the success and failure of terrorist attacks against targets within the United States and against U.S. interests abroad...

  9. SCM: a practical tool to implement hospital-based syndromic surveillance.

    Science.gov (United States)

    Ye, Chuchu; Li, Zhongjie; Fu, Yifei; Lan, Yajia; Zhu, Weiping; Zhou, Dinglun; Zhang, Honglong; Lai, Shengjie; Buckeridge, David L; Sun, Qiao; Yang, Weizhong

    2016-06-18

    Syndromic surveillance has been widely used for the early warning of infectious disease outbreaks, especially in mass gatherings, but the collection of electronic data on symptoms in hospitals is one of the fundamental challenges that must be overcome when operating a syndromic surveillance system. The objective of our study is to describe and evaluate the implementation of a symptom-clicking-module (SCM) as a part of the enhanced hospital-based syndromic surveillance during the 41st World Exposition in Shanghai, China, 2010. The SCM, including 25 targeted symptoms, was embedded in the sentinels' Hospital Information Systems (HIS). The clinicians used SCM to record this information for all the visiting patients, and data were collated and transmitted automatically in daily batches. The symptoms were categorized into seven targeted syndromes using pre-defined criteria, and statistical algorithms were applied to detect temporal aberrations in the data series. SCM was deployed successfully in each sentinel hospital and was operated during the 184-day surveillance period. A total of 1,730,797 patient encounters were recorded by SCM, and 6.1 % (105,352 visits) met the criteria of the seven targeted syndromes. Acute respiratory and gastrointestinal syndromes were reported most frequently, accounting for 92.1 % of reports in all syndromes, and the aggregated time-series presented an obvious day-of-week variation over the study period. In total, 191 aberration signals were triggered, and none of them were identified as outbreaks after verification and field investigation. SCM has acted as a practical tool for recording symptoms in the hospital-based enhanced syndromic surveillance system during the 41st World Exposition in Shanghai, in a context without a preexisting electronic tool to collect syndromic data in the HIS of the sentinel hospitals.

  10. Revisiting the Estonian Cyber Attacks: Digital Threats and Multinational Responses

    Directory of Open Access Journals (Sweden)

    Stephen Herzog

    2011-01-01

    In April 2007, the Estonian Government moved a memorial commemorating the Soviet liberation of the country from the Nazis to a less prominent and visible location in Tallinn. This decision triggered rioting among Russian-speaking minorities and cyber terrorism targeting Estonia's critical economic and political infrastructure. Drawing upon the Estonian cyber attacks, this article argues that globalization and the Internet have enabled transnational groups—such as the Russian diaspora—to avenge their grievances by threatening the sovereignty of nation-states in cyberspace. Sophisticated and virtually untraceable political "hacktivists" may now possess the ability to disrupt or destroy government operations, banking transactions, city power grids, and even military weapon systems. Fortunately, western countries banded together to effectively combat the Estonian cyber attacks and minimize their effects. However, this article concludes that in the age of globalization, interdependence, and digital interconnectedness, nation-states must engage in increased cooperative cyber-defense activities to counter and prevent devastating Internet attacks and their implications.

  11. Whispering through DDoS attack

    OpenAIRE

    Miralem Mehic; Jiri Slachta; Miroslav Voznak

    2016-01-01

    Denial of service (DoS) attack is an attempt of the attacker to disable victim's machine by depleting network or computing resources. If this attack is performed with more than one machine, it is called distributed denial of service (DDoS) attack. Covert channels are those channels which are used for information transmission even though they are neither designed nor intended to transfer information at all. In this article, we investigated the possibility of using of DDoS attack for purposes o...

  12. Evaluating surveillance indicators supporting the Global Polio Eradication Initiative, 2011-2012.

    Science.gov (United States)

    2013-04-12

    The Global Polio Eradication Initiative (GPEI) was established in 1988 by the World Health Assembly to interrupt transmission of wild poliovirus (WPV); completion of this initiative was declared a programmatic emergency of public health in January 2012. Polio cases are detected through surveillance for acute flaccid paralysis (AFP) with linked stool specimens tested for polioviruses (PVs) at accredited laboratories within the Global Polio Laboratory Network (GPLN). AFP surveillance findings are supplemented by testing sewage samples (environmental surveillance) collected at selected sites. Virologic data guide where targeted immunization activities should be conducted or improved. Key performance indicators are used to 1) monitor AFP surveillance quality at national and subnational levels to identify gaps where PV transmission could occur undetected; 2) provide evidence of where PV circulation has been interrupted; and 3) allow timely detection of an outbreak. Standardized surveillance indicators allow progress to be monitored over time and compared among countries. This report presents AFP surveillance performance indicators at national and subnational levels for countries affected by polio during 2011-2012, and trends in environmental surveillance, updating previous reports. In the 19 countries with transmission of PV (WPV and/or circulating vaccine-derived poliovirus [cVDPV]) during 2011-2012, national performance indicator targets were met in 12 (63%) countries in 2011 and 13 (68%) countries in 2012. Seven countries (37%) in 2011 had ≥80% of the population living in areas meeting performance indicators, increasing to nine countries (47%) in 2012. Performance indicators for timely reporting of PV isolation and characterization were met in four of six World Health Organization (WHO) regions in 2011 and five regions in 2012. To achieve global polio eradication, efforts are needed to improve and maintain AFP surveillance and laboratory performance.

  13. Multiple operating system rotation environment moving target defense

    Science.gov (United States)

    Evans, Nathaniel; Thompson, Michael

    2016-03-22

    Systems and methods for providing a multiple operating system rotation environment ("MORE") moving target defense ("MTD") computing system are described. The MORE-MTD system provides enhanced computer system security through a rotation of multiple operating systems. The MORE-MTD system increases attacker uncertainty, increases the cost of attacking the system, reduces the likelihood of an attacker locating a vulnerability, and reduces the exposure time of any located vulnerability. The MORE-MTD environment is effectuated by rotation of the operating systems at a given interval. The rotating operating systems create a consistently changing attack surface for remote attackers.

  14. Kestrel: force protection and Intelligence, Surveillance, and Reconnaissance (ISR) persistent surveillance on aerostats

    Science.gov (United States)

    Luber, David R.; Marion, John E.; Fields, David

    2012-05-01

    Logos Technologies has developed and fielded the Kestrel system, an aerostat-based, wide area persistent surveillance system dedicated to force protection and ISR mission execution operating over forward operating bases. Its development included novel imaging and stabilization capability for day/night operations on military aerostat systems. The Kestrel system's contribution is a substantial enhancement to aerostat-based, force protection systems which to date have relied on narrow field of view ball gimbal sensors to identify targets of interest. This inefficient mechanism to conduct wide area field of view surveillance is greatly enhanced by Kestrel's ability to maintain a constant motion imagery stare of the entire forward operating base (FOB) area. The Kestrel airborne sensor enables 360° coverage out to extended ranges which covers a city sized area at moderate resolution, while cueing a narrow field of view sensor to provide high resolution imagery of targets of interest. The ground station exploitation system enables operators to autonomously monitor multiple regions of interest in real time, and allows for backtracking through the recorded imagery, while continuing to monitor ongoing activity. Backtracking capability allows operators to detect threat networks, their CONOPS, and locations of interest. Kestrel's unique advancement has already been utilized successfully in OEF operations.

  15. Protecting Cryptographic Memory against Tampering Attack

    DEFF Research Database (Denmark)

    Mukherjee, Pratyay

    In this dissertation we investigate the question of protecting cryptographic devices from tampering attacks. Traditional theoretical analysis of cryptographic devices is based on black-box models which do not take into account the attacks on the implementations, known as physical attacks....... In practice such attacks can be executed easily, e.g. by heating the device, as substantiated by numerous works in the past decade. Tampering attacks are a class of such physical attacks where the attacker can change the memory/computation, gains additional (non-black-box) knowledge by interacting...... with the faulty device and then tries to break the security. Prior works show that generically approaching such problem is notoriously difficult. So, in this dissertation we attempt to solve an easier question, known as memory-tampering, where the attacker is allowed to tamper only with the memory of the device...

  16. Surveillance

    DEFF Research Database (Denmark)

    Albrechtslund, Anders; Coeckelbergh, Mark; Matzner, Tobias

    Studying surveillance involves raising questions about the very nature of concepts such as information, technology, identity, space and power. Besides the maybe all too obvious ethical issues often discussed with regard to surveillance, there are several other angles and approaches that we should...... like to encourage. Therefore, our panel will focus on the philosophical, yet non-ethical issues of surveillance in order to stimulate an intense debate with the audience on the ethical implications of our enquiries. We also hope to provide a broader and deeper understanding of surveillance....

  17. Hotels as a target for terrorism: a study of the Helsinki area hotels’ preparedness for an attack

    OpenAIRE

    Kovalevskiy, Andrey

    2015-01-01

    The threat of terrorism is an issue that is not to be taken lightly in the world of today. The year 2015 has sadly been marked with an unsettlingly high number of acts of terror across the globe that claimed a multitude of civilian lives. The hospitality industry and hotels in particular are especially vulnerable to a potential terrorist attack, and this fact attracted the author’s attention to the issue of the prevention of such attacks and the measures (if any) that the Helsinki hotels are ...

  18. Exploiting Hardware Vulnerabilities to Attack Embedded System Devices: a Survey of Potent Microarchitectural Attacks

    Directory of Open Access Journals (Sweden)

    Apostolos P. Fournaris

    2017-07-01

    Cyber-Physical system devices nowadays constitute a mixture of Information Technology (IT) and Operational Technology (OT) systems that are meant to operate harmonically under a security critical framework. As security IT countermeasures are gradually being installed in many embedded system nodes, thus securing them from many well-known cyber attacks, there is a lurking danger that is still overlooked. Apart from the software vulnerabilities that typical malicious programs use, there are some very interesting hardware vulnerabilities that can be exploited in order to mount devastating software or hardware attacks (typically undetected by software countermeasures) capable of fully compromising any embedded system device. Real-time microarchitecture attacks such as the cache side-channel attacks are one such case, but so is the newly discovered Rowhammer fault injection attack that can be mounted even remotely to gain full access to a device DRAM (Dynamic Random Access Memory). In light of the above dangers that are focused on the device hardware structure, in this paper, an overview of this attack field is provided including attacks, threat directives and countermeasures. The goal of this paper is not to exhaustively overview attacks and countermeasures but rather to survey the various, possible, existing attack directions and highlight the security risks that they can pose to security critical embedded systems as well as indicate their strength on compromising the Quality of Service (QoS) such systems are designed to provide.

  19. Seven deadliest USB attacks

    CERN Document Server

    Anderson, Brian

    2010-01-01

    Do you need to keep up with the latest hacks, attacks, and exploits affecting USB technology? Then you need Seven Deadliest USB Attacks. This book pinpoints the most dangerous hacks and exploits specific to USB, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: USB Hacksaw USB Switchblade USB Based Virus/Malicious Code Launch USB Device Overflow RAMdum

  20. Seven Deadliest Unified Communications Attacks

    CERN Document Server

    York, Dan

    2010-01-01

    Do you need to keep up with the latest hacks, attacks, and exploits affecting Unified Communications technology? Then you need Seven Deadliest Unified Communication Attacks. This book pinpoints the most dangerous hacks and exploits specific to Unified Communications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks featured in this book include: UC Ecosystem Attacks Insecure Endpo

  1. Invisible Trojan-horse attack.

    Science.gov (United States)

    Sajeed, Shihan; Minshull, Carter; Jain, Nitin; Makarov, Vadim

    2017-08-21

    We demonstrate the experimental feasibility of a Trojan-horse attack that remains nearly invisible to the single-photon detectors employed in practical quantum key distribution (QKD) systems, such as Clavis2 from ID Quantique. We perform a detailed numerical comparison of the attack performance against Scarani-Acín-Ribordy-Gisin (SARG04) QKD protocol at 1924 nm versus that at 1536 nm. The attack strategy was proposed earlier but found to be unsuccessful at the latter wavelength, as reported in N. Jain et al., New J. Phys. 16, 123030 (2014). However at 1924 nm, we show experimentally that the noise response of the detectors to bright pulses is greatly reduced, and show by modeling that the same attack will succeed. The invisible nature of the attack poses a threat to the security of practical QKD if proper countermeasures are not adopted.

  2. Whispering through DDoS attack

    Directory of Open Access Journals (Sweden)

    Miralem Mehic

    2016-03-01

    A denial of service (DoS) attack is an attempt by the attacker to disable the victim's machine by depleting network or computing resources. If this attack is performed with more than one machine, it is called a distributed denial of service (DDoS) attack. Covert channels are those channels which are used for information transmission even though they are neither designed nor intended to transfer information at all. In this article, we investigated the possibility of using a DDoS attack for purposes of hiding data or concealing an existing covert channel. In addition, in this paper we analyzed the possibility of detection of such covert communication with the well-known statistical method. Also, we proposed the coordination mechanisms of the attack which may be used. A lot of research has been done in order to describe and prevent DDoS attacks, yet research on steganography in this field is still scarce.

  3. Aftermath of bustamante attack on genomic beacon service.

    Science.gov (United States)

    Aziz, Md Momin Al; Ghasemi, Reza; Waliullah, Md; Mohammed, Noman

    2017-07-26

    With the enormous need for a federated eco-system for holding global genomic and clinical data, the Global Alliance for Genomics and Health (GA4GH) has created an international website called beacon service which allows a researcher to find out whether a specific dataset can be utilized for his or her research beforehand. This simple webservice is quite useful as it allows queries like whether a certain position of a target chromosome has a specific nucleotide. However, the increased integration of individuals' genomic data into clinical practice and research has raised serious privacy concerns. Though the answers to such queries are yes or no in the Beacon network, it results in serious privacy implications as demonstrated in a recent work from Shringarpure and Bustamante. In their attack model, the authors demonstrated that with a limited number of queries, presence of an individual in any dataset can be determined. We propose two lightweight algorithms (based on randomized response) which capture the efficacy while preserving the privacy of the participants in a genomic beacon service. We also elaborate the strength and weakness of the attack by explaining some of their statistical and mathematical models using real world genomic database. We extend their experimental simulations for different adversarial assumptions and parameters. We experimentally evaluated the solutions on the original attack model with different parameters for better understanding of the privacy and utility tradeoffs provided by these two methods. Also, the statistical analysis further elaborates the different aspects of the prior attack which leads to a better risk management for the participants in a beacon service. The differentially private and lightweight solutions discussed here will make the attack much more difficult to succeed while maintaining the fundamental motivation of beacon database network.

  4. Heart attack - discharge

    Science.gov (United States)

    ... and lifestyle Cholesterol - drug treatment Controlling your high blood pressure Deep vein thrombosis - discharge Dietary fats explained Fast food tips Heart attack - discharge Heart attack - what to ask your doctor Heart bypass ... pacemaker - discharge High blood pressure - what to ask your doctor How to read ...

  5. Proactive Routing Mutation Against Stealthy Distributed Denial of Service Attacks – Metrics, Modeling and Analysis

    Energy Technology Data Exchange (ETDEWEB)

    Duan, Qi; Al-Shaer, Ehab; Chatterjee, Samrat; Halappanavar, Mahantesh; Oehmen, Christopher S.

    2018-04-01

    The Infrastructure Distributed Denial of Service (IDDoS) attacks continue to be one of the most devastating challenges facing cyber systems. The new generation of IDDoS attacks exploit the inherent weakness of cyber infrastructure including deterministic nature of routes, skew distribution of flows, and Internet ossification to discover the network critical links and launch highly stealthy flooding attacks that are not observable at the victim end. In this paper, first, we propose a new metric to quantitatively measure the potential susceptibility of any arbitrary target server or domain to stealthy IDDoS attacks, and estimate the impact of such susceptibility on enterprises. Second, we develop a proactive route mutation technique to minimize the susceptibility to these attacks by dynamically changing the flow paths periodically to invalidate the adversary knowledge about the network and avoid targeted critical links. Our proposed approach actively changes these network paths while satisfying security and quality of service requirements. We present an integrated approach of proactive route mutation that combines both infrastructure-based mutation that is based on reconfiguration of switches and routers, and middle-box approach that uses an overlay of end-point proxies to construct a virtual network path free of critical links to reach a destination. We implemented the proactive path mutation technique on a Software Defined Network using the OpenDaylight controller to demonstrate a feasible deployment of this approach. Our evaluation validates the correctness, effectiveness, and scalability of the proposed approaches.

  6. The Marine Corps Needs a Targeting, Sensors, and Surveillance Systems Operational Integration and Support Team

    Science.gov (United States)

    2010-03-02

    triggerman is probably still close ; lately all IEDs in the area have been initiated via command-wire. The squad leader sets a cordon, ensures an IED 9...Operational Surveillance System (G-BOSS) with a Class IIIb laser pointer. This class of laser requires users to receive a laser safety class...2) The Keyhole kit of surveillance equipment. Designed to provide “snipers with an increased capability to visually detect the enemy emplacing IEDs

  7. Attack Trees for Practical Security Assessment: Ranking of Attack Scenarios with ADTool 2.0

    NARCIS (Netherlands)

    Gadyatskaya, Olga; Jhawar, Ravi; Kordy, P.T.; Lounis, Karim; Mauw, Sjouke; Trujillo-Rasua, Rolando

    2016-01-01

    In this tool demonstration paper we present the ADTool2.0: an open-source software tool for design, manipulation and analysis of attack trees. The tool supports ranking of attack scenarios based on quantitative attributes entered by the user; it is scriptable; and it incorporates attack trees with

  8. Managing Complex Battlespace Environments Using Attack the Network Methodologies

    DEFF Research Database (Denmark)

    Mitchell, Dr. William L.

    This paper examines the last 8 years of development and application of Attack the Network (AtN) intelligence methodologies for creating shared situational understanding of complex battlespace environment and the development of deliberate targeting frameworks. It will present a short history of their development, how they are integrated into operational planning through strategies of deliberate targeting for modern operations. The paper will draw experience and case studies from Iraq, Syria, and Afghanistan and will offer some lessons learned as well as insight into the future of these methodologies, including their possible application on a national security level for managing longer strategic endeavors.

  9. Range-Gated Laser Stroboscopic Imaging for Night Remote Surveillance

    International Nuclear Information System (INIS)

    Xin-Wei, Wang; Yan, Zhou; Song-Tao, Fan; Jun, He; Yu-Liang, Liu

    2010-01-01

    For night remote surveillance, we present a method, the range-gated laser stroboscopic imaging (RGLSI), which uses a new kind of time delay integration mode to integrate target signals so that night remote surveillance can be realized by a low-energy illuminated laser. The time delay integration in this method has no influence on the video frame rate. Compared with the traditional range-gated laser imaging, RGLSI can reduce scintillation and target speckle effects and significantly improve the image signal-to-noise ratio analyzed. Even under low light level and low visibility conditions, the RGLSI system can effectively work. In a preliminary experiment, we have detected and recognized a railway bridge one kilometer away under a visibility of six kilometers, when the effective illuminated energy is 29.5 μJ.

  10. Robustness against attacks of dual polarization encryption using the Stokes-Mueller formalism

    Science.gov (United States)

    Dubreuil, Matthieu; Alfalou, Ayman; Brosseau, Christian

    2012-09-01

    The security of our recently proposed dual polarization encryption scheme of images is evaluated by numerical simulations. This consists of testing the resistance of the scheme against brute force, known-plaintext, chosen-plaintext and video sequence attacks. While some attacks are ineffective (brute force, video sequence) others are effective (known-plaintext, chosen-plaintext), but only under certain assumptions. An optimization of the setup, which is based on a regular rotation of polarization optics angles (polarizers, wave plates), is proposed associating the use of a high dynamic range for the key image, or the use of a phase-only spatial light modulator in the target and in the key image channel. The possibility of the attacker decrypting an unknown image is thus strongly reduced. The precision required for optical specifications is also evaluated, in order to ensure a good decryption for an authorized user.

  11. Introduction to surveillance studies

    CERN Document Server

    Petersen, JK

    2012-01-01

    Introduction & Overview Introduction Brief History of Surveillance Technologies & Techniques Optical Surveillance Aerial Surveillance Audio Surveillance Radio-Wave Surveillance Global Positioning Systems Sensors Computers & the Internet Data Cards Biochemical Surveillance Animal Surveillance Biometrics Genetics Practical Considerations Prevalence of Surveillance Effectiveness of Surveillance Freedom & Privacy Issues Constitutional Freedoms Privacy Safeguards & Intrusions Resources References Glossary Index

  12. The work-averse cyber attacker model : theory and evidence from two million attack signatures

    NARCIS (Netherlands)

    Allodi, L.; Massacci, F.; Williams, J.

    The typical cyber attacker is assumed to be all powerful and to exploit all possible vulnerabilities. In this paper we present, and empirically validate, a novel and more realistic attacker model. The intuition of our model is that an attacker will optimally choose whether to act and weaponize a new

  13. Victim’s posture and protective clothing changes the approach in an edged-weapon attack

    OpenAIRE

    Carr, D; Mahoney, P; Godhania, K; Cowper, E; Malbon, C

    2017-01-01

    Diverse groups of people use edged-weapons (i.e. knives, spears, swords) professionally. The training received affects how the edged-weapon is used and the area of the body targeted. There is a growing body of information available on the internet which is aimed at training individuals in offensive knife attacks. This poster aims to raise awareness of this issue and highlight how a trained individual modifies an attack sequence depending on their victim’s posture and the protective clothi...

  14. Using automated medical records for rapid identification of illness syndromes (syndromic surveillance): the example of lower respiratory infection

    Directory of Open Access Journals (Sweden)

    Dashevsky Inna

    2001-10-01

    Background: Gaps in disease surveillance capacity, particularly for emerging infections and bioterrorist attack, highlight a need for efficient, real time identification of diseases. Methods: We studied automated records from 1996 through 1999 of approximately 250,000 health plan members in greater Boston. Results: We identified 152,435 lower respiratory infection illness visits, comprising 106,670 episodes during 1,143,208 person-years. Three diagnoses, cough (ICD9CM 786.2), pneumonia not otherwise specified (ICD9CM 486) and acute bronchitis (ICD9CM 466.0), accounted for 91% of these visits, with expected age and sex distributions. Variation of weekly occurrences corresponded closely to national pneumonia and influenza mortality data. There was substantial variation in geographic location of the cases. Conclusion: This information complements existing surveillance programs by assessing the large majority of episodes of illness for which no etiologic agents are identified. Additional advantages include: (a) sensitivity, uniformity and efficiency, since detection of events does not depend on clinicians to actively report diagnoses; (b) timeliness, the data are available within a day of the clinical event; and (c) ease of integration into automated surveillance systems. These features facilitate early detection of conditions of public health importance, including regularly occurring events like seasonal respiratory illness, as well as unusual occurrences, such as a bioterrorist attack that first manifests as respiratory symptoms. These methods should also be applicable to other infectious and non-infectious conditions. Knowledge of disease patterns in real time may also help clinicians to manage patients, and assist health plan administrators in allocating resources efficiently.

  15. Web server attack analyzer

    OpenAIRE

    Mižišin, Michal

    2013-01-01

    Web server attack analyzer - Abstract. The goal of this work was to create a prototype of an analyzer of injection flaw attacks on a web server. The proposed solution combines the capabilities of a web application firewall and a web server log analyzer. Analysis is based on configurable signatures defined by regular expressions. This paper begins with a summary of web attacks, followed by an analysis of detection techniques on web servers, and a description and justification of the selected implementation. In the end are charact...

  16. Network Protection Against DDoS Attacks

    Directory of Open Access Journals (Sweden)

    Petr Dzurenda

    2015-03-01

    The paper deals with possibilities of network protection against Distributed Denial of Service (DDoS) attacks. The basic types of DDoS attacks and their impact on the protected network are presented here. Furthermore, we present basic detection and defense techniques thanks to which it is possible to increase resistance of the protected network or device against DDoS attacks. Moreover, we tested the ability of current commercial Intrusion Prevention Systems (IPS), especially the Radware DefensePro 6.10.00 product, against the most common types of DDoS attacks. We create five scenarios that are varied in type and strength of the DDoS attacks. The attack intensity was much greater than the normal intensity of current DDoS attacks.

  17. Attack Tree Generation by Policy Invalidation

    DEFF Research Database (Denmark)

    Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, Rene Rydhof

    2015-01-01

    Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identification. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified through brainstorming of experts. In this work we formalize attack tree generation including human factors; based on recent advances in system models we develop a technique to identify possible attacks analytically, including technical and human factors. Our systematic attack generation is based on invalidating policies in the system model by identifying possible sequences of actions that lead to an attack. The generated attacks are precise enough to illustrate the threat, and they are general enough to hide the details of individual steps.

  18. Systematic Poisoning Attacks on and Defenses for Machine Learning in Healthcare.

    Science.gov (United States)

    Mozaffari-Kermani, Mehran; Sur-Kolay, Susmita; Raghunathan, Anand; Jha, Niraj K

    2015-11-01

    Machine learning is being used in a wide range of application domains to discover patterns in large datasets. Increasingly, the results of machine learning drive critical decisions in applications related to healthcare and biomedicine. Such health-related applications are often sensitive, and thus, any security breach would be catastrophic. Naturally, the integrity of the results computed by machine learning is of great importance. Recent research has shown that some machine-learning algorithms can be compromised by augmenting their training datasets with malicious data, leading to a new class of attacks called poisoning attacks. Hindrance of a diagnosis may have life-threatening consequences and could cause distrust. On the other hand, not only may a false diagnosis prompt users to distrust the machine-learning algorithm and even abandon the entire system but also such a false positive classification may cause patient distress. In this paper, we present a systematic, algorithm-independent approach for mounting poisoning attacks across a wide range of machine-learning algorithms and healthcare datasets. The proposed attack procedure generates input data, which, when added to the training set, can either cause the results of machine learning to have targeted errors (e.g., increase the likelihood of classification into a specific class), or simply introduce arbitrary errors (incorrect classification). These attacks may be applied to both fixed and evolving datasets. They can be applied even when only statistics of the training dataset are available or, in some cases, even without access to the training dataset, although at a lower efficacy. We establish the effectiveness of the proposed attacks using a suite of six machine-learning algorithms and five healthcare datasets. Finally, we present countermeasures against the proposed generic attacks that are based on tracking and detecting deviations in various accuracy metrics, and benchmark their effectiveness.

  19. Terrorists and Suicide Attacks

    National Research Council Canada - National Science Library

    Cronin, Audrey K

    2003-01-01

    Suicide attacks by terrorist organizations have become more prevalent globally, and assessing the threat of suicide attacks against the United States and its interests at home and abroad has therefore...

  20. Stochastic Model of TCP SYN Attacks

    Directory of Open Access Journals (Sweden)

    Simona Ramanauskaitė

    2011-08-01

    A great proportion of essential services are moving into internet space making the threat of DoS attacks even more actual. To estimate the real risk of some kind of denial of service (DoS) attack in the real world is difficult, but mathematical and software models make this task easier. In this paper we overview the ways of implementing DoS attack models and offer a stochastic model of SYN flooding attack. It allows evaluating the potential threat of SYN flooding attacks, taking into account both the legitimate system flow as well as the possible attack power. At the same time we can assess the effect of such parameters as buffer capacity, open connection storage in the buffer or filtering efficiency on the success of different SYN flooding attacks. This model can be used for other types of memory depletion denial of service attacks. Article in Lithuanian

  1. Occupational health provision and health surveillance in the semiconductor industry.

    Science.gov (United States)

    Kinoulty, Mary; Williams, Nerys

    2006-03-01

    To identify the nature of occupational health provision in UK semiconductor-manufacturing plants. To identify the level of industry compliance with legal health surveillance requirements. A national inspection programme was carried out by Health & Safety Executive inspectors using a developed protocol. A wide range of occupational health provision was identified from none to use of an accredited specialist. The majority of work was of a reactive nature even where there was specialist occupational health input. Seven companies were identified as not meeting legal compliance and one as having unacceptable compliance for health surveillance. The spectrum of occupational health provision was very wide. Where health surveillance was provided, it was poorly targeted with limited interpretation and feedback to management.

  2. Attack Trees with Sequential Conjunction

    NARCIS (Netherlands)

    Jhawar, Ravi; Kordy, Barbara; Mauw, Sjouke; Radomirović, Sasa; Trujillo-Rasua, Rolando

    2015-01-01

    We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND attack tree formalism increases the expressivity of attack trees by introducing the sequential conjunctive operator SAND. This operator enables the modeling of

  3. Heart attack first aid

    Science.gov (United States)

    First aid - heart attack; First aid - cardiopulmonary arrest; First aid - cardiac arrest ... A heart attack occurs when the blood flow that carries oxygen to the heart is blocked. The heart muscle ...

  4. Investigating the Possibility to Individualize Asthma Attack Therapy Based on Attack Severity and Patient Characteristics

    Directory of Open Access Journals (Sweden)

    Sárkány Zoltán

    2016-03-01

    Introduction: The objective of this study was to investigate with the help of a computerized simulation model whether the treatment of an acute asthma attack can be individualized based on the severity of the attack and the characteristics of the patient. Material and Method: A stochastic lung model was used to simulate the deposition of 1 nm - 10 μm particles during a mild and a moderate asthma attack. Breathing parameters were varied to maximize deposition, and simulation results were compared with those obtained in the case of a severe asthma attack. In order to investigate the effect of height on the deposition of inhaled particles, another series of simulations was carried out with identical breathing parameters, comparing patient heights of 155 cm, 175 cm and 195 cm. Results: The optimization process yielded an increase in the maximum deposition values of around 6-7% for each type of investigated asthma attack, and the difference between attacks of different degree of severity was around 5% for both the initial and the optimized values, a higher degree of obstruction increasing the amount of deposited particles. Conclusions: Our results suggest that the individualization of asthma attack treatment cannot be based on particles of different size, as the highest deposited fraction in all three types of attacks can be obtained using 0.01 μm particles. The use of a specific set of breathing parameters yields a difference between a mild and a moderate, as well as a moderate and a severe asthma attack of around 5%.

  5. Analytical Characterization of Internet Security Attacks

    Science.gov (United States)

    Sellke, Sarah H.

    2010-01-01

    Internet security attacks have drawn significant attention due to their enormously adverse impact. These attacks include Malware (Viruses, Worms, Trojan Horse), Denial of Service, Packet Sniffer, and Password Attacks. There is an increasing need to provide adequate defense mechanisms against these attacks. My thesis proposal deals with analytical…

  6. Polymorphic Attacks and Network Topology: Application of Concepts from Natural Systems

    Science.gov (United States)

    Rangan, Prahalad

    2010-01-01

    The growing complexity of interactions between computers and networks makes the subject of network security a very interesting one. As our dependence on the services provided by computing networks grows, so does our investment in such technology. In this situation, there is a greater risk of occurrence of targeted malicious attacks on computers…

  7. Robustness against attacks of dual polarization encryption using the Stokes–Mueller formalism

    International Nuclear Information System (INIS)

    Dubreuil, Matthieu; Alfalou, Ayman; Brosseau, Christian

    2012-01-01

    The security of our recently proposed dual polarization encryption scheme of images is evaluated by numerical simulations. This consists of testing the resistance of the scheme against brute force, known-plaintext, chosen-plaintext and video sequence attacks. While some attacks are ineffective (brute force, video sequence) others are effective (known-plaintext, chosen-plaintext), but only under certain assumptions. An optimization of the setup, which is based on a regular rotation of polarization optics angles (polarizers, wave plates), is proposed associating the use of a high dynamic range for the key image, or the use of a phase-only spatial light modulator in the target and in the key image channel. The possibility of the attacker decrypting an unknown image is thus strongly reduced. The precision required for optical specifications is also evaluated, in order to ensure a good decryption for an authorized user. (paper)

  8. Anger attacks in obsessive compulsive disorder

    Directory of Open Access Journals (Sweden)

    Nitesh Prakash Painuly

    2011-01-01

    Background: Research on anger attacks has been mostly limited to depression, and only a few studies have focused on anger attacks in obsessive compulsive disorder. Materials and Methods: In a cross-sectional study all new obsessive compulsive disorder patients aged 20-60 years attending an outpatient clinic were assessed using the anger attack questionnaire, irritability, depression and anxiety scale (for the direction of the aggressive behavior) and quality of life (QOL). Results: The sample consisted of 42 consecutive subjects with obsessive compulsive disorder, out of which 21 (50%) had anger attacks. The obsessive compulsive disorder subjects with and without anger attacks did not show significant differences in terms of sociodemographic variables, duration of illness, treatment, and family history. However, subjects with anger attacks had significantly higher prevalence of panic attacks and comorbid depression. Significantly more subjects with anger attacks exhibited aggressive acts toward spouse, parents, children, and other relatives in the form of yelling and threatening to hurt, trying to hurt, and threatening to leave. However, the two groups did not differ significantly in terms of QOL, except for the psychological domain being worse in the subjects with anger attacks. Conclusion: Anger attacks are present in half of the patients with obsessive compulsive disorder, and they correlate with the presence of comorbid depression.

  9. Seven Deadliest Social Network Attacks

    CERN Document Server

    Timm, Carl

    2010-01-01

    Do you need to keep up with the latest hacks, attacks, and exploits affecting social networks? Then you need Seven Deadliest Social Network Attacks. This book pinpoints the most dangerous hacks and exploits specific to social networks like Facebook, Twitter, and MySpace, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: Social Networking Infrastruct

  10. Pericarditis - after heart attack

    Science.gov (United States)

    ... include: A previous heart attack Open heart surgery Chest trauma A heart attack that has affected the thickness of your heart muscle Symptoms Symptoms include: Anxiety Chest pain from the swollen pericardium rubbing on the ...

  11. Protecting Anti-virus Programs From Viral Attacks

    OpenAIRE

    Mishra, Umakant

    2013-01-01

    During a fight between viruses and anti-viruses it is not always predictable that the anti-virus is going to win. There are many malicious viruses which target to attack and paralyze the anti-viruses. It is necessary for an anti-virus to detect and destroy the malware before its own files are detected and destroyed by the malware. The anti-virus may follow thorough testing and auditing procedures to fix all its bugs before releasing the software in the market. Besides the anti-virus may use a...

  12. A joint mid-course and terminal course cooperative guidance law for multi-missile salvo attack

    Directory of Open Access Journals (Sweden)

    Jie ZENG

    2018-06-01

    Salvo attacking a surface target by multiple missiles is an effective tactic to enhance the lethality and penetrate the defense system. However, existing cooperative guidance laws in the mid-course or terminal course are not suitable for long- and medium-range missiles or stand-off attacking. Because the initial conditions of cooperative terminal guidance that are generally generated from the mid-course flight may not lead to a successful cooperative terminal guidance without proper mid-course flight adjustment. Meanwhile, cooperative guidance in the mid-course cannot solely guarantee the accuracy of a simultaneous arrival of multiple missiles. Therefore, a joint mid-course and terminal course cooperative guidance law is developed. By building a distinct leader-follower framework, this paper proposes an efficient coordinated Dubins path planning method to synchronize the arrival time of all engaged missiles in the mid-course flight. The planned flight can generate proper initial conditions for cooperative terminal guidance, and also benefit an earliest simultaneous arrival. In the terminal course, an existing cooperative proportional navigation guidance law guides all the engaged missiles to arrive at a target accurately and simultaneously. The integrated guidance law for an intuitive application is summarized. Simulations demonstrate that the proposed method can generate fast and accurate salvo attack. Keywords: Cooperative systems, Dubins path, Mid-course flight, Missile guidance, Salvo attack

  13. A method of determining where to target surveillance efforts in heterogeneous epidemiological systems.

    Directory of Open Access Journals (Sweden)

    Alexander J Mastin

    2017-08-01

    The spread of pathogens into new environments poses a considerable threat to human, animal, and plant health, and by extension, human and animal wellbeing, ecosystem function, and agricultural productivity, worldwide. Early detection through effective surveillance is a key strategy to reduce the risk of their establishment. Whilst it is well established that statistical and economic considerations are of vital importance when planning surveillance efforts, it is also important to consider epidemiological characteristics of the pathogen in question, including heterogeneities within the epidemiological system itself. One of the most pronounced realisations of this heterogeneity is seen in the case of vector-borne pathogens, which spread between 'hosts' and 'vectors', with each group possessing distinct epidemiological characteristics. As a result, an important question when planning surveillance for emerging vector-borne pathogens is where to place sampling resources in order to detect the pathogen as early as possible. We answer this question by developing a statistical function which describes the probability distributions of the prevalences of infection at first detection in both hosts and vectors. We also show how this method can be adapted in order to maximise the probability of early detection of an emerging pathogen within imposed sample size and/or cost constraints, and demonstrate its application using two simple models of vector-borne citrus pathogens. Under the assumption of a linear cost function, we find that sampling costs are generally minimised when either hosts or vectors, but not both, are sampled.

  14. Vulnerability of industrial facilities to attacks with improvised explosive devices aimed at triggering domino scenarios

    International Nuclear Information System (INIS)

    Landucci, Gabriele; Reniers, Genserik; Cozzani, Valerio; Salzano, Ernesto

    2015-01-01

    Process- and chemical plants may constitute a critical target for a terrorist attack. In the present study, the analysis of industrial accidents induced by intentional acts of interference is carried out focusing on accident chains triggered by attacks with home-made (improvised) explosives. The effects of blast waves caused by improvised explosive devices are compared with those expected from a net equivalent charge of TNT by using a specific methodology for the assessment of stand-off distances. It is demonstrated that a home-made explosive device has a TNT efficiency comprised between 0.2 and 0.5. The model was applied to a case study, demonstrating the potentiality of improvised explosives in causing accident escalation sequences and severe effects on population and assets. The analysis of the case-study also allowed obtaining suggestions for an adequate security management. - Highlights: • Improvised explosives possibly used for terrorist attacks were described. • The TNT efficiency of ANFO and TATP was characterized. • Domino effects caused by an attack with improvised explosive were analyzed. • Domino scenarios induced by an attack were compared to conventional scenarios

  15. The Swedish School Attack in Trollhättan.

    Science.gov (United States)

    Erlandsson, Åsa; Reid Meloy, J

    2018-04-23

    This is a case report of the offender and offense characteristics of a targeted attack on a Swedish school using a sword, with a particular focus upon the offender's history, the relationship between mental disorder and ideology, and whether or not it was an act of terrorism. Findings indicate that the offender had no drug or psychiatric treatment history, but postoffense analysis suggests autism spectrum disorder, depression, and both suicidal ideation and intent. The offender planned and prepared for his attack, and the triggering event appeared to be the loss of a temporary job. He expressed chronic anger concerning immigrants to Sweden and blamed them for his failures. Comparison of the fact pattern to other cases of lone actor terrorism with the Terrorist Radicalization Assessment Protocol (TRAP-18) empirically demonstrates excellent criterion validity with other lone actor terrorists in Europe and North America, including right wing extremists, and contributes to further understanding of ideologically motivated mass murder. © 2018 American Academy of Forensic Sciences.

  16. Attaching Hollywood to a Surveillant Assemblage: Normalizing Discourses of Video Surveillance

    Directory of Open Access Journals (Sweden)

    Randy K Lippert

    2015-10-01

    This article examines video surveillance images in Hollywood film. It moves beyond previous accounts of video surveillance in relation to film by theoretically situating the use of these surveillance images in a broader “surveillant assemblage”. To this end, scenes from a sample of thirty-five (35) films of several genres are examined to discern dominant discourses and how they lend themselves to normalization of video surveillance. Four discourses are discovered and elaborated by providing examples from Hollywood films. While the films provide video surveillance with a positive associative association it is not without nuance and limitations. Thus, it is found that some forms of resistance to video surveillance are shown while its deterrent effect is not. It is ultimately argued that Hollywood film is becoming attached to a video surveillant assemblage discursively through these normalizing discourses as well as structurally to the extent actual video surveillance technology to produce the images is used.

  17. WILD PIG ATTACKS ON HUMANS

    Energy Technology Data Exchange (ETDEWEB)

    Mayer, J.

    2013-04-12

    Attacks on humans by wild pigs (Sus scrofa) have been documented since ancient times. However, studies characterizing these incidents are lacking. In an effort to better understand this phenomenon, information was collected from 412 wild pig attacks on humans. Similar to studies of large predator attacks on humans, data came from a variety of sources. The various attacks compiled occurred in seven zoogeographic realms. Most attacks occurred within the species native range, and specifically in rural areas. The occurrence was highest during the winter months and daylight hours. Most happened under non-hunting circumstances and appeared to be unprovoked. Wounded animals were the chief cause of these attacks in hunting situations. The animals involved were typically solitary, male and large in size. The fate of the wild pigs involved in these attacks varied depending upon the circumstances, however, most escaped uninjured. Most human victims were adult males traveling on foot and alone. The most frequent outcome for these victims was physical contact/mauling. The severity of resulting injuries ranged from minor to fatal. Most of the mauled victims had injuries to only one part of their bodies, with legs/feet being the most frequent body part injured. Injuries were primarily in the form of lacerations and punctures. Fatalities were typically due to blood loss. In some cases, serious infections or toxemia resulted from the injuries. Other species (i.e., pets and livestock) were also accompanying some of the humans during these attacks. The fates of these animals varied from escaping uninjured to being killed. Frequency data on both non-hunting and hunting incidents of wild pig attacks on humans at the Savannah River Site, South Carolina, showed quantitatively that such incidents are rare.

  18. Cache timing attacks on recent microarchitectures

    DEFF Research Database (Denmark)

    Andreou, Alexandres; Bogdanov, Andrey; Tischhauser, Elmar Wolfgang

    2017-01-01

    Cache timing attacks have been known for a long time, however since the rise of cloud computing and shared hardware resources, such attacks found new potentially devastating applications. One prominent example is S$A (presented by Irazoqui et al at S&P 2015) which is a cache timing attack against...... AES or similar algorithms in virtualized environments. This paper applies variants of this cache timing attack to Intel's latest generation of microprocessors. It enables a spy-process to recover cryptographic keys, interacting with the victim processes only over TCP. The threat model is a logically...... separated but CPU co-located attacker with root privileges. We report successful and practically verified applications of this attack against a wide range of microarchitectures, from a two-core Nehalem processor (i5-650) to two-core Haswell (i7-4600M) and four-core Skylake processors (i7-6700). The attack...

  19. Privacy as Invisibility: Pervasive Surveillance and the Privatization of Peer-to-Peer Systems

    Directory of Open Access Journals (Sweden)

    Francesca Musiani

    2011-06-01

    This article addresses the ongoing, increasing privatization of peer-to-peer (P2P) file sharing systems – the emergence of systems that users may only join by personal, friend-to-friend invitation. It argues that, within P2P systems, privacy is increasingly coinciding with “mere” invisibility vis-à-vis the rest of the Internet ecosystem because of a trend that has shaped the recent history of P2P technology: The alternation between forms of pervasive surveillance of such systems, and reactions by developers and users to such restrictive measures. Yet, it also suggests that the richness of today’s landscape of P2P technology development and use, mainly in the field of Internet-based services, opens up new dimensions to the conceptualization of privacy, and may give room to a more articulate definition of the concept as related to P2P technology; one that includes not only the need of protection from external attacks, and the temporary outcomes of the competition between surveillance and counter-surveillance measures, but also issues such as user empowerment through better control over personal information, reconfiguration of data management practices, and removal of intermediaries in sharing and communication activities.

  20. The Cyber-Physical Attacker

    DEFF Research Database (Denmark)

    Vigo, Roberto

    2012-01-01

    The world of Cyber-Physical Systems ranges from industrial to national interest applications. Even though these systems are pervading our everyday life, we are still far from fully understanding their security properties. Devising a suitable attacker model is a crucial element when studying...... the security properties of CPSs, as a system cannot be secured without defining the threats it is subject to. In this work an attacker scenario is presented which addresses the peculiarities of a cyber-physical adversary, and we discuss how this scenario relates to other attacker models popular in the security...

  1. Moving Target Detection and Active Tracking with a Multicamera Network

    Directory of Open Access Journals (Sweden)

    Long Zhao

    2014-01-01

    We propose a systematic framework for Intelligence Video Surveillance System (IVSS) with a multicamera network. The proposed framework consists of low-cost static and PTZ cameras, target detection and tracking algorithms, and a low-cost PTZ camera feedback control algorithm based on target information. The target detection and tracking is realized by fixed cameras using a moving target detection and tracking algorithm; the PTZ camera is manoeuvred to actively track the target from the tracking results of the static camera. The experiments are carried out using practical surveillance system data, and the experimental results show that the systematic framework and algorithms presented in this paper are efficient.

  2. Adaptive cyber-attack modeling system

    Science.gov (United States)

    Gonsalves, Paul G.; Dougherty, Edward T.

    2006-05-01

    The pervasiveness of software and networked information systems is evident across a broad spectrum of business and government sectors. Such reliance provides an ample opportunity not only for the nefarious exploits of lone wolf computer hackers, but for more systematic software attacks from organized entities. Much effort and focus has been placed on preventing and ameliorating network and OS attacks; a concomitant emphasis is required to address protection of mission critical software. Typical software protection technique and methodology evaluation and verification and validation (V&V) involves the use of a team of subject matter experts (SMEs) to mimic potential attackers or hackers. This manpower intensive, time-consuming, and potentially cost-prohibitive approach is not amenable to performing the necessary multiple non-subjective analyses required to support quantifying software protection levels. To facilitate the evaluation and V&V of software protection solutions, we have designed and developed a prototype adaptive cyber attack modeling system. Our approach integrates an off-line mechanism for rapid construction of Bayesian belief network (BN) attack models with an on-line model instantiation, adaptation and knowledge acquisition scheme. Off-line model construction is supported via a knowledge elicitation approach for identifying key domain requirements and a process for translating these requirements into a library of BN-based cyber-attack models. On-line attack modeling and knowledge acquisition is supported via BN evidence propagation and model parameter learning.

  3. Predicting Factors of Zone 4 Attack in Volleyball.

    Science.gov (United States)

    Costa, Gustavo C; Castro, Henrique O; Evangelista, Breno F; Malheiros, Laura M; Greco, Pablo J; Ugrinowitsch, Herbert

    2017-06-01

    This study examined 142 volleyball games of the Men's Super League 2014/2015 seasons in Brazil from which we analyzed 24-26 games of each participating team, identifying 5,267 Zone 4 attacks for further analysis. Within these Zone 4 attacks, we analyzed the association between the effect of the attack carried out and the separate effects of serve reception, tempo and type of attack. We found that the reception, tempo of attack, second tempo of attack, and power of diagonal attack were predictors of the attack effect in Zone 4. Moreover, placed attacks showed a tendency to not yield a score. In conclusion, winning points in high-level men's volleyball requires excellent receptions, a fast attack tempo and powerfully executed attacks.

  4. Screening test recommendations for methicillin-resistant Staphylococcus aureus surveillance practices: A cost-minimization analysis.

    Science.gov (United States)

    Whittington, Melanie D; Curtis, Donna J; Atherly, Adam J; Bradley, Cathy J; Lindrooth, Richard C; Campbell, Jonathan D

    2017-07-01

    To mitigate methicillin-resistant Staphylococcus aureus (MRSA) infections, intensive care units (ICUs) conduct surveillance through screening patients upon admission followed by adhering to isolation precautions. Two surveillance approaches commonly implemented are universal preemptive isolation and targeted isolation of only MRSA-positive patients. Decision analysis was used to calculate the total cost of universal preemptive isolation and targeted isolation. The screening test used as part of the surveillance practice was varied to identify which screening test minimized inappropriate and total costs. A probabilistic sensitivity analysis was conducted to evaluate the range of total costs resulting from variation in inputs. The total cost of the universal preemptive isolation surveillance practice was minimized when a polymerase chain reaction screening test was used ($82.51 per patient). Costs were $207.60 more per patient when a conventional culture was used due to the longer turnaround time and thus higher isolation costs. The total cost of the targeted isolation surveillance practice was minimized when chromogenic agar 24-hour testing was used ($8.54 per patient). Costs were $22.41 more per patient when polymerase chain reaction was used. For ICUs that preemptively isolate all patients, the use of a polymerase chain reaction screening test is recommended because it can minimize total costs by reducing inappropriate isolation costs. For ICUs that only isolate MRSA-positive patients, the use of chromogenic agar 24-hour testing is recommended to minimize total costs. Copyright © 2017 Association for Professionals in Infection Control and Epidemiology, Inc. Published by Elsevier Inc. All rights reserved.

  5. Attack Potential Evaluation in Desktop and Smartphone Fingerprint Sensors: Can They Be Attacked by Anyone?

    Directory of Open Access Journals (Sweden)

    Ines Goicoechea-Telleria

    2018-01-01

    The use of biometrics keeps growing. Every day, we use biometric recognition to unlock our phones or to have access to places such as the gym or the office, so we rely on the security manufacturers offer when protecting our privileges and private life. It is well known that it is possible to hack into a fingerprint sensor using fake fingers made of Play-Doh and other easy-to-obtain materials but to what extent? Is this true for all users or only for specialists with a deep knowledge on biometrics? Are smartphone fingerprint sensors as reliable as desktop sensors? To answer these questions, we performed 3 separate evaluations. First, we evaluated 4 desktop fingerprint sensors of different technologies by attacking them with 7 different fake finger materials. All of them were successfully attacked by an experienced attacker. Secondly, we carried out a similar test on 5 smartphones with embedded sensors using the most successful materials, which also hacked the 5 sensors. Lastly, we gathered 15 simulated attackers with no background in biometrics to create fake fingers of several materials, and they had one week to attack the fingerprint sensors of the same 5 smartphones, with the starting point of a short video with the techniques to create them. All 5 smartphones were successfully attacked by an inexperienced attacker. This paper will provide the results achieved, as well as an analysis on the attack potential of every case. All results are given following the metrics of the standard ISO/IEC 30107-3.

  6. Hospitals: Soft Target for Terrorism?

    Science.gov (United States)

    De Cauwer, Harald; Somville, Francis; Sabbe, Marc; Mortelmans, Luc J

    2017-02-01

    In recent years, the world has been rocked repeatedly by terrorist attacks. Arguably, the most remarkable were: the series of four coordinated suicide plane attacks on September 11, 2001 on buildings in New York, Virginia, and Pennsylvania, USA; and the recent series of two coordinated attacks in Brussels (Belgium), on March 22, 2016, involving two bombings at the departure hall of Brussels International Airport and a bombing at Maalbeek Metro Station located near the European Commission headquarters in the center of Brussels. This statement paper deals with different aspects of hospital policy and disaster response planning that interface with terrorism. Research shows that the availability of necessary equipment and facilities (eg, personal protective clothing, decontamination rooms, antidotes, and anti-viral drugs) in hospitals clearly is insufficient. Emergency teams are insufficiently prepared: adequate and repetitive training remain necessary. Unfortunately, there are many examples of health care workers and physicians or hospitals being targeted in both political or religious conflicts and wars. Many health workers were kidnapped and/or killed by insurgents of various ideology. Attacks on hospitals also could cause long-term effects: hospital units could be unavailable for a long time and replacing staff could take several months, further compounding hospital operations. Both physical and psychological (eg, posttraumatic stress disorder [PTSD]) after-effects of a terrorist attack can be detrimental to health care services. On the other hand, physicians and other hospital employees have shown to be involved in terrorism. As data show that some offenders had a previous history with the location of the terror incident, the possibility of hospitals or other health care services being targeted by insiders is discussed. The purpose of this report was to consider how past terrorist incidents can inform current hospital preparedness and disaster response planning

  7. Managing burn victims of suicide bombing attacks: outcomes, lessons learnt, and changes made from three attacks in Indonesia.

    Science.gov (United States)

    Chim, Harvey; Yew, Woon Si; Song, Colin

    2007-01-01

    Terror attacks in Southeast Asia were almost nonexistent until the 2002 Bali bomb blast, considered the deadliest attack in Indonesian history. Further attacks in 2003 (Jakarta), 2004 (Jakarta), and 2005 (Bali) have turned terrorist attacks into an ever-present reality. The authors reviewed medical charts of victims evacuated to the Singapore General Hospital (SGH) Burns Centre during three suicide attacks involving Bali (2002 and 2005) and the Jakarta Marriott hotel (2003). Problems faced, lessons learnt, and costs incurred are discussed. A burns disaster plan drawing on lessons learnt from these attacks is presented. Thirty-one patients were treated at the SGH Burns Centre in three attacks (2002 Bali attack [n = 15], 2003 Jakarta attack [n = 14], and 2005 Bali attack [n = 2]). For the 2002 Bali attack, median age was 29 years (range 20 to 50 years), median percentage of total burn surface area (TBSA) was 29% (range 5% to 55%), and median abbreviated burn severity index (ABSI) was 6 (range 3 to 10). Eight of 15 patients were admitted to the intensive care unit. For the 2003 Jakarta attack, median age was 35 years (range 24 to 56 years), median percentage of TBSA was 10% (range 2% to 46%), and median ABSI was 4 (range 3 to 9). A large number of patients had other injuries. Problems faced included manpower issues, lack of bed space, shortage of blood products, and lack of cadaver skin. The changing nature of terror attacks mandates continued vigilance and disaster preparedness. The multidimensional burns patient, complicated by other injuries, is likely to become increasingly common. A burns disaster plan with emphasis on effective command, control, and communication as well as organisation of health care personnel following a 'team concept' will do much to ensure that the sudden onset of a crisis situation at an unexpected time does not overwhelm hospital manpower and resources.

  8. Overview of DOS attacks on wireless sensor networks and experimental results for simulation of interference attacks

    Directory of Open Access Journals (Sweden)

    Željko Gavrić

    2018-01-01

    Wireless sensor networks are now used in various fields. The information transmitted in the wireless sensor networks is very sensitive, so the security issue is very important. DOS (denial of service) attacks are a fundamental threat to the functioning of wireless sensor networks. This paper describes some of the most common DOS attacks and potential methods of protection against them. The case study shows one of the most frequent attacks on wireless sensor networks – the interference attack. In the introduction of this paper authors assume that the attack interference can cause significant obstruction of wireless sensor networks. This assumption has been proved in the case study through simulation scenario and simulation results.

  9. Securing internet by eliminating DDOS attacks

    Science.gov (United States)

    Niranchana, R.; Gayathri Devi, N.; Santhi, H.; Gayathri, P.

    2017-11-01

    The major threat caused to the authorised usage of Internet is Distributed Denial of Service attack. The mechanisms used to prevent the DDoS attacks are said to overcome the attack’s ability in spoofing the IP packets source addresses. By utilising Internet Protocol spoofing, the attackers cause a consequential load over the networks destination for policing attack packets. To overcome the IP Spoofing level on the Internet, we propose an Inter domain Packet Filter (IPF) architecture. The proposed scheme is not based on global routing information. The packets with reliable source addresses are not rejected; the IPF framework works in such a manner. The spoofing capability of attackers is confined by IPF, and also the filter identifies the source of an attack packet by minimal number of candidate network.

  10. Prospective surveillance of device-associated health care-associated infection in an intensive care unit of a tertiary care hospital in New Delhi, India.

    Science.gov (United States)

    Kumar, Shilpee; Sen, Poornima; Gaind, Rajni; Verma, Pardeep Kumar; Gupta, Poonam; Suri, Prem Rose; Nagpal, Sunita; Rai, Anil Kumar

    2018-02-01

    Surveillance of health care-associated infections (HAIs) plays a key role in the hospital infection control program and reduction of HAIs. In India, most of the surveillance of HAIs is reported from private sector hospitals that do not depict the situation of government sector hospitals. Other studies do not confirm with the Centers for Disease Control and Prevention's (CDC) National Healthcare Safety Network (NHSN) surveillance criterion, or deal with ventilator-associated pneumonia (VAP) instead of ventilator-associated event (VAE). The aim of this study was to identify the incidences of 3 device-associated HAIs (DA-HAIs) (VAE, central line-associated bloodstream infection [CLABSI], and catheter-associated urinary tract infection [CAUTI]) by active surveillance using CDC's NHSN surveillance criteria and to identify the pathogens associated with these DA-HAIs. This was a prospective surveillance study (January 2015-December 2016) conducted in an intensive care unit (ICU) of a large, tertiary care, government hospital situated in Delhi, India. Targeted surveillance was done as per the CDC's NHSN 2016 surveillance criteria. There were 343 patients admitted to the ICU that were included in the study. The surveillance data was reported over 3,755 patient days. A DA-HAIs attack rate of 20.1 per 100 admissions and incidence of 18.3 per 1,000 patient days was observed. The duration of use for each device for patients with DA-HAIs was significantly longer than for patients without DA-HAIs. The device utilization ratios of central line, ventilator, and urinary catheters were 0.57, 0.85, and 0.72, respectively. The crude excess length of stay for patients with DA-HAI was 13 days, and crude excess mortality rate was 11.8%. VAE, CLABSI, and CAUTI rates were 11.8, 7.4, and 9.7 per 1,000 device days, respectively. Among 69 DA-HAIs reported, pathogens could be identified for 49 DA-HAI cases. Klebsiella spp was the most common organism isolated, accounting 28.5% for all DA

  11. The monocular visual imaging technology model applied in the airport surface surveillance

    Science.gov (United States)

    Qin, Zhe; Wang, Jian; Huang, Chao

    2013-08-01

    At present, the civil aviation airports use the surface surveillance radar monitoring and positioning systems to monitor the aircrafts, vehicles and the other moving objects. Surface surveillance radars can cover most of the airport scenes, but because of the terminals, covered bridges and other buildings geometry, surface surveillance radar systems inevitably have some small segment blind spots. This paper presents a monocular vision imaging technology model for airport surface surveillance, achieving the perception of scenes of moving objects such as aircrafts, vehicles and personnel location. This new model provides an important complement for airport surface surveillance, which is different from the traditional surface surveillance radar techniques. Such technique not only provides clear objects activities screen for the ATC, but also provides image recognition and positioning of moving targets in this area. Thereby it can improve the work efficiency of the airport operations and avoid the conflict between the aircrafts and vehicles. This paper first introduces the monocular visual imaging technology model applied in the airport surface surveillance and then the monocular vision measurement accuracy analysis of the model. The monocular visual imaging technology model is simple, low cost, and highly efficient. It is an advanced monitoring technique which can make up blind spot area of the surface surveillance radar monitoring and positioning systems.

  12. Plants under dual attack

    NARCIS (Netherlands)

    Ponzio, C.A.M.

    2016-01-01

    Though immobile, plants are members of complex environments, and are under constant threat from a wide range of attackers, which includes organisms such as insect herbivores or plant pathogens. Plants have developed sophisticated defenses against these attackers, and include chemical responses

  13. Expectation-Maximization Tensor Factorization for Practical Location Privacy Attacks

    Directory of Open Access Journals (Sweden)

    Murakami Takao

    2017-10-01

    Location privacy attacks based on a Markov chain model have been widely studied to de-anonymize or de-obfuscate mobility traces. An adversary can perform various kinds of location privacy attacks using a personalized transition matrix, which is trained for each target user. However, the amount of training data available to the adversary can be very small, since many users do not disclose much location information in their daily lives. In addition, many locations can be missing from the training traces, since many users do not disclose their locations continuously but rather sporadically. In this paper, we show that the Markov chain model can be a threat even in this realistic situation. Specifically, we focus on a training phase (i.e. mobility profile building phase) and propose Expectation-Maximization Tensor Factorization (EMTF), which alternates between computing a distribution of missing locations (E-step) and computing personalized transition matrices via tensor factorization (M-step). Since the time complexity of EMTF is exponential in the number of missing locations, we propose two approximate learning methods, one of which uses the Viterbi algorithm while the other uses the Forward Filtering Backward Sampling (FFBS) algorithm. We apply our learning methods to a de-anonymization attack and a localization attack, and evaluate them using three real datasets. The results show that our learning methods significantly outperform a random guess, even when there is only one training trace composed of 10 locations per user, and each location is missing with probability 80% (i.e. even when users hardly disclose two temporally-continuous locations).

  14. New attacks on Wi-Fi Protected Setup

    OpenAIRE

    Hamed Mohtadi; Alireza Rahimi

    2015-01-01

    Wi-Fi Protected Setup (WPS) is a network security standard that is used to secure networks in home and office, introduced in 2006 by the Wi-Fi Alliance. It provides easier configuration setup and is used in almost all recent Wi-Fi devices. In this paper we propose two attacks on this standard. The first attack is an offline brute force attack that uses imbalance on registration protocol. This attack needs user action, but it is more efficient than previous attacks. The second attack uses weak...

  15. A Game Theoretic Approach to Cyber Attack Prediction

    Energy Technology Data Exchange (ETDEWEB)

    Peng Liu

    2005-11-28

    The area investigated by this project is cyber attack prediction. With a focus on correlation-based prediction, current attack prediction methodologies overlook the strategic nature of cyber attack-defense scenarios. As a result, current cyber attack prediction methodologies are very limited in predicting strategic behaviors of attackers in enforcing nontrivial cyber attacks such as DDoS attacks, and may result in low accuracy in correlation-based predictions. This project develops a game theoretic framework for cyber attack prediction, where an automatic game-theory-based attack prediction method is proposed. Being able to quantitatively predict the likelihood of (sequences of) attack actions, our attack prediction methodology can predict fine-grained strategic behaviors of attackers and may greatly improve the accuracy of correlation-based prediction. To our best knowledge, this project develops the first comprehensive framework for incentive-based modeling and inference of attack intent, objectives, and strategies; and this project develops the first method that can predict fine-grained strategic behaviors of attackers. The significance of this research and the benefit to the public can be demonstrated to certain extent by (a) the severe threat of cyber attacks to the critical infrastructures of the nation, including many infrastructures overseen by the Department of Energy, (b) the importance of cyber security to critical infrastructure protection, and (c) the importance of cyber attack prediction to achieving cyber security.

  16. Invisible Trojan-horse attack

    DEFF Research Database (Denmark)

    Sajeed, Shihan; Minshull, Carter; Jain, Nitin

    2017-01-01

    We demonstrate the experimental feasibility of a Trojan-horse attack that remains nearly invisible to the single-photon detectors employed in practical quantum key distribution (QKD) systems, such as Clavis2 from ID Quantique. We perform a detailed numerical comparison of the attack performance...

  17. PrECast: An Efficient Crypto-Free Solution for Broadcast-Based Attacks in IPv4 Networks

    Directory of Open Access Journals (Sweden)

    Dalal Hanna

    2018-05-01

    Full Text Available Broadcasting is one of the essential features in the Internet Protocol Ver 4 (IPv4). Attackers often exploit this feature of the IP protocol to launch several attacks against a network or an individual host. Attackers may either be a part of a Local Area Network (LAN) or outside a LAN to launch these attacks. There are numerous papers available in the literature to solve problems resulting from IP broadcasting. However, all these solutions target a specific problem that results from IP broadcasting. Furthermore, these solutions use either a computationally-intensive cryptographic scheme, the a priori relation between the host and the network or a modified protocol stack at every host. In this paper, we provide a seamless and transparent solution to eliminate IP broadcasting and thus eliminate all problems related to IP broadcasting. Our proposed solution is crypto-free and does not need any modification to the protocol stack.

  18. Improving Neurodevelopmental Surveillance and Follow-up in Infants with Congenital Heart Disease.

    Science.gov (United States)

    Michael, Mark; Scharf, Rebecca; Letzkus, Lisa; Vergales, Jeffrey

    2016-01-01

    We hypothesize that neurodevelopmental surveillance of targeted patients with congenital heart disease during the admission for their cardiac surgery would improve neurodevelopmental assessment and outpatient follow-up rates. All patients under 12 months of age who were operated on between October 2013 and October 2014 and were considered at risk for neurodevelopmental delay in accordance with the 2012 American Heart Association Scientific Statement were included. A protocol was implemented to increase surveillance of targeted patients during the hospitalization for their cardiac surgery. A historical control cohort was used from a 6-month period that preceded initiation of the program from July 2012 to December 2012. Univariate analysis assessed the effects of patient demographics, anatomy, postoperative course, and distance from clinic on inpatient screening and follow-up to evaluate areas for future improvement. Neurodevelopmental surveillance in the post-protocol period increased from 21% to 82% (P neurodevelopmental surveillance of high risk patients. Individuals that were younger and in the hospital longer were more likely to be successfully seen and comply with outpatient follow-up than those not receiving inpatient risk assessment. Patients with single ventricle anatomy may benefit from a modified follow-up schedule to improve compliance rates. Travel distance has no effect on likelihood of outpatient cardiac neurodevelopmental follow-up. © 2016 Wiley Periodicals, Inc.

  19. Radiological attacks and accidents. Medical consequences

    International Nuclear Information System (INIS)

    Sakuta, Hidenari

    2007-01-01

    Probability of the occurrence of radiological attacks appears to be elevated after the terrorist attacks against the United States on September 11 in 2001. There are a lot of scenarios of radiological attack: simple radiological device, radiological disperse device (RDD or dirty bomb), attacks against nuclear reactor, improvised nuclear device, and nuclear weapons. Of these, RDD attack is the most probable scenario, because it can be easily made and can generate enormous psychological and economic damages. Radiological incidents are occurring to and fro in the world, including several cases of theft to nuclear facilities and unsuccessful terrorist attacks against them. Recently, a former Russian spy has allegedly been killed using polonium-210. In addition, serious radiological accidents have occurred in Chernobyl, Goiania, and Tokai-mura. Planning, preparation, education, and training exercise appear to be essential factors to cope with radiological attacks and accidents effectively without feeling much anxiety. Triage and psychological first aid are prerequisite to manage and provide effective medical care for mass casualties without inducing panic. (author)

  20. A Targeted Attack For Enhancing Resiliency of Intelligent Intrusion Detection Modules in Energy Cyber Physical Systems

    Energy Technology Data Exchange (ETDEWEB)

    Youssef, Tarek [Florida Intl Univ., Miami, FL (United States); El Hariri, Mohammad [Florida Intl Univ., Miami, FL (United States); Habib, Hani [Florida Intl Univ., Miami, FL (United States); Mohammed, Osama [Florida Intl Univ., Miami, FL (United States); Harmon, E [Florida Intl Univ., Miami, FL (United States)

    2017-02-28

    Secure high-speed communication is required to ensure proper operation of complex power grid systems and prevent malicious tampering activities. In this paper, artificial neural networks with temporal dependency are introduced for false data identification and mitigation for broadcasted IEC 61850 SMV messages. The fast responses of such intelligent modules in intrusion detection make them suitable for time-critical applications, such as protection. However, care must be taken in selecting the appropriate intelligence model and decision criteria. As such, this paper presents a customizable malware script to sniff and manipulate SMV messages and demonstrates the ability of the malware to trigger false positives in the neural network’s response. The malware developed is intended to serve as a vaccine to harden the intrusion detection system against data manipulation attacks by enhancing the neural network’s ability to learn and adapt to these attacks.

  1. Reassembling Surveillance Creep

    DEFF Research Database (Denmark)

    Bøge, Ask Risom; Lauritsen, Peter

    2017-01-01

    We live in societies in which surveillance technologies are constantly introduced, are transformed, and spread to new practices for new purposes. How and why does this happen? In other words, why does surveillance “creep”? This question has received little attention either in theoretical development or in empirical analyses. Accordingly, this article contributes to this special issue on the usefulness of Actor-Network Theory (ANT) by suggesting that ANT can advance our understanding of ‘surveillance creep’. Based on ANT’s model of translation and a historical study of the Danish DNA database, we argue that surveillance creep involves reassembling the relations in surveillance networks between heterogeneous actors such as the watchers, the watched, laws, and technologies. Second, surveillance creeps only when these heterogeneous actors are adequately interested and aligned. However...

  2. Script-viruses Attacks on UNIX OS

    Directory of Open Access Journals (Sweden)

    D. M. Mikhaylov

    2010-06-01

    Full Text Available In this article attacks on UNIX OS are considered. Currently antivirus developers are concentrated on protecting systems from viruses that are most common and attack popular operating systems. If the system or its components are not often attacked then the antivirus products are not protecting these components as it is not profitable. The same situation is with script-viruses for UNIX OS as most experts consider that it is impossible for such viruses to get enough rights to attack. Nevertheless the main conclusion of this article is the fact that such viruses can be very powerful and can attack systems and get enough rights.

  3. Using Acute Flaccid Paralysis Surveillance as a Platform for Vaccine-Preventable Disease Surveillance.

    Science.gov (United States)

    Wassilak, Steven G F; Williams, Cheryl L; Murrill, Christopher S; Dahl, Benjamin A; Ohuabunwo, Chima; Tangermann, Rudolf H

    2017-07-01

    Surveillance for acute flaccid paralysis (AFP) is a fundamental cornerstone of the global polio eradication initiative (GPEI). Active surveillance (with visits to health facilities) is a critical strategy of AFP surveillance systems for highly sensitive and timely detection of cases. Because of the extensive resources devoted to AFP surveillance, multiple opportunities exist for additional diseases to be added using GPEI assets, particularly because there is generally 1 district officer responsible for all disease surveillance. For this reason, integrated surveillance has become a standard practice in many countries, ranging from adding surveillance for measles and rubella to integrated disease surveillance for outbreak-prone diseases (integrated disease surveillance and response). This report outlines the current level of disease surveillance integration in 3 countries (Nepal, India, and Nigeria) and proposes that resources continue for long-term maintenance in resource-poor countries of AFP surveillance as a platform for surveillance of vaccine-preventable diseases and other outbreak-prone diseases. © The Author 2017. Published by Oxford University Press for the Infectious Diseases Society of America.

  4. Surveillance plan for the early detection of H5N1 highly pathogenic avian influenza virus in migratory birds in the United States: surveillance year 2009

    Science.gov (United States)

    Brand, Christopher J.

    2009-01-01

    Executive Summary: This Surveillance Plan (Plan) describes plans for conducting surveillance of wild birds in the United States and its Territories and Freely-Associated States to provide for early detection of the introduction of the H5N1 Highly Pathogenic Avian Influenza (HPAI) subtype of the influenza A virus by migratory birds during the 2009 surveillance year, spanning the period of April 1, 2009 - March 31, 2010. The Plan represents a continuation of surveillance efforts begun in 2006 under the Interagency Strategic Plan for the Early Detection of H5N1 Highly Pathogenic Avian Influenza in Wild Migratory Birds (U.S. Department of Agriculture and U.S. Department of the Interior, 2006). The Plan sets forth sampling plans by: region, target species or species groups to be sampled, locations of sampling, sample sizes, and sampling approaches and methods. This Plan will be reviewed annually and modified as appropriate for subsequent surveillance years based on evaluation of information from previous years of surveillance, changing patterns and threats of H5N1 HPAI, and changes in funding availability for avian influenza surveillance. Specific sampling strategies will be developed accordingly within each of six regions, defined here as Alaska, Hawaiian/Pacific Islands, Lower Pacific Flyway (Washington, Oregon, California, Idaho, Nevada, Arizona), Central Flyway, Mississippi Flyway, and Atlantic Flyway.

  5. Redefining syndromic surveillance

    Directory of Open Access Journals (Sweden)

    Rebecca Katz

    2011-12-01

    Full Text Available With growing concerns about international spread of disease and expanding use of early disease detection surveillance methods, the field of syndromic surveillance has received increased attention over the last decade. The purpose of this article is to clarify the various meanings that have been assigned to the term syndromic surveillance and to propose a refined categorization of the characteristics of these systems. Existing literature and conference proceedings were examined on syndromic surveillance from 1998 to 2010, focusing on low- and middle-income settings. Based on the 36 unique definitions of syndromic surveillance found in the literature, five commonly accepted principles of syndromic surveillance systems were identified, as well as two fundamental categories: specific and non-specific disease detection. Ultimately, the proposed categorization of syndromic surveillance distinguishes between systems that focus on detecting defined syndromes or outcomes of interest and those that aim to uncover non-specific trends that suggest an outbreak may be occurring. By providing an accurate and comprehensive picture of this field’s capabilities, and differentiating among system types, a unified understanding of the syndromic surveillance field can be developed, encouraging the adoption, investment in, and implementation of these systems in settings that need bolstered surveillance capacity, particularly low- and middle-income countries.

  6. Hybrid attacks on model-based social recommender systems

    Science.gov (United States)

    Yu, Junliang; Gao, Min; Rong, Wenge; Li, Wentao; Xiong, Qingyu; Wen, Junhao

    2017-10-01

    With the growing popularity of the online social platform, the social network based approaches to recommendation emerged. However, because of the open nature of rating systems and social networks, the social recommender systems are susceptible to malicious attacks. In this paper, we present a certain novel attack, which inherits characteristics of the rating attack and the relation attack, and term it hybrid attack. Furtherly, we explore the impact of the hybrid attack on model-based social recommender systems in multiple aspects. The experimental results show that, the hybrid attack is more destructive than the rating attack in most cases. In addition, users and items with fewer ratings will be influenced more when attacked. Last but not the least, the findings suggest that spammers do not depend on the feedback links from normal users to become more powerful, the unilateral links can make the hybrid attack effective enough. Since unilateral links are much cheaper, the hybrid attack will be a great threat to model-based social recommender systems.

  7. Hiding Critical Targets in Smart Grid Networks

    Energy Technology Data Exchange (ETDEWEB)

    Bao, Wei [Univ. of Arkansas, Fayetteville, AR (United States); Li, Qinghua

    2017-10-23

    With the integration of advanced communication technologies, the power grid is expected to greatly enhance efficiency and reliability of future power systems. However, since most electrical devices in power grid substations are connected via communication networks, cyber security of these communication networks becomes a critical issue. Real-world incidents such as Stuxnet have shown the feasibility of compromising a device in the power grid network to further launch more sophisticated attacks. To deal with security attacks of this spirit, this paper aims to hide critical targets from compromised internal nodes and hence protect them from further attacks launched by those compromised nodes. In particular, we consider substation networks and propose to add carefully-controlled dummy traffic to a substation network to make critical target nodes indistinguishable from other nodes in network traffic patterns. This paper describes the design and evaluation of such a scheme. Evaluations show that the scheme can effectively protect critical nodes with acceptable communication cost.

  8. Lethal Surveillance: Drones and the Geo-History of Modern War

    Science.gov (United States)

    Kindervater, Katharine Hall

    Interdisciplinary both in scope and method, my dissertation, Lethal Surveillance: Drones and the Geo-History of Modern War, examines the history of drone technology from the start of the 20th century to the present in order to understand the significance of the increasing centrality of drones to current American military engagements and security practices more generally. Much of the scholarship on drones and many other contemporary military technologies tends to view the technology as radically new, missing both the historical development of these objects as well as the perspectives and rationalities that are embedded in their use. For this research, I focused on three main periods of drone research and development: the early years of World War I and II in the UK, the Cold War, and the 1990s. In studying this history of the drone, I found that two key trends emerge as significant: the increasing importance of information to warfare under the rubric of intelligence, reconnaissance and surveillance; and a shift toward more dynamic, speedier, and individualized targeting practices. I argue that the widespread use of drones today thus represents the culmination of attempts in war to effectively link these two trends, creating a practice I call lethal surveillance -- with the armed Predator effectively closing the loop between identifying and killing targets. The concept of lethal surveillance, which in my dissertation I place squarely within the histories of modern scientific thinking and Western liberal governance, allows us to see how techniques of Western state power and knowledge production are merging with practices of killing and control in new ways, causing significant changes to both the operations of the state and to practices of war. Framing the drone through the lens of lethal surveillance, therefore, allows us to see the longer histories the drone is embedded in as well as other security practices it is connected to.

  9. The plays and arts of surveillance: studying surveillance as entertainment

    NARCIS (Netherlands)

    Albrechtslund, Anders; Dubbeld, L.

    2006-01-01

    This paper suggests a direction in the development of Surveillance Studies that goes beyond current attention for the caring, productive and enabling aspects of surveillance practices. That is, surveillance could be considered not just as positively protective, but even as a comical, playful,

  10. Setting Component Priorities in Protecting NPPs against Cyber-Attacks Using Reliability Analysis Techniques

    International Nuclear Information System (INIS)

    Choi, Moon Kyoung; Seong, Poong Hyun; Son, Han Seong

    2017-01-01

    The digitalization of infrastructure makes systems vulnerable to cyber threats and hybrid attacks. According to ICS-CERT report, as time goes by, the number of vulnerabilities in ICS industries increases rapidly. Digital I and C systems have been developed and installed in nuclear power plants, and due to installation of the digital I and C systems, cyber security concerns are increasing in nuclear industry. However, there are too many critical digital assets to be inspected in digitalized NPPs. In order to reduce the inefficiency of regulation in nuclear facilities, the critical components that are directly related to an accident are elicited by using the reliability analysis techniques. Target initial events are selected, and their headings are analyzed through event tree analysis about whether the headings can be affected by cyber-attacks or not. Among the headings, the headings that can be proceeded directly to the core damage by the cyber-attack when they fail are finally selected as the target of deriving the minimum cut-sets. We analyze the fault trees and derive the minimum cut-sets. In terms of original PSA, the value of probability for the cut-sets is important but the probability is not important in terms of cyber security of NPPs. The important factor is the number of basic events consisting of the minimal cut-sets that is proportional to vulnerability.

  11. Higher coronary heart disease and heart attack morbidity in Appalachian coal mining regions.

    Science.gov (United States)

    Hendryx, Michael; Zullig, Keith J

    2009-11-01

    This study analyzes the U.S. 2006 Behavioral Risk Factor Surveillance System survey data (N=235,783) to test whether self-reported cardiovascular disease rates are higher in Appalachian coal mining counties compared to other counties after control for other risks. Dependent variables include self-reported measures of ever (1) being diagnosed with cardiovascular disease (CVD) or with a specific form of CVD including (2) stroke, (3) heart attack, or (4) angina or coronary heart disease (CHD). Independent variables included coal mining, smoking, BMI, drinking, physician supply, diabetes co-morbidity, age, race/ethnicity, education, income, and others. SUDAAN Multilog models were estimated, and odds ratios tested for coal mining effects. After control for covariates, people in Appalachian coal mining areas reported significantly higher risk of CVD (OR=1.22, 95% CI=1.14-1.30), angina or CHD (OR=1.29, 95% CI=1.19-1.39) and heart attack (OR=1.19, 95% CI=1.10-1.30). Effects were present for both men and women. Cardiovascular diseases have been linked to both air and water contamination in ways consistent with toxicants found in coal and coal processing. Future research is indicated to assess air and water quality in coal mining communities in Appalachia, with corresponding environmental programs and standards established as indicated.

  12. Enhanced surveillance program FY97 accomplishments. Progress report

    Energy Technology Data Exchange (ETDEWEB)

    Mauzy, A. [ed.; Laake, B. [comp.

    1997-10-01

    This annual report is one volume of the Enhanced Surveillance Program (ESP) FY97 Accomplishments. The complete accomplishments report consists of 11 volumes. Volume 1 includes an ESP overview and a summary of selected unclassified FY97 program highlights. Volume 1 specifically targets a general audience, reflecting about half of the tasks conducted in FY97 and emphasizing key program accomplishments and contributions. The remaining volumes of the accomplishments report are classified, organized by program focus area, and present in technical detail the progress achieved in each of the 104 FY97 program tasks. Focus areas are as follows: pits; high explosives; organics; dynamics; diagnostics; systems; secondaries; nonnuclear materials; nonnuclear components; and Surveillance Test Program upgrades.

  13. Knowledge of heart attack and stroke symptomology: a cross-sectional comparison of rural and non-rural US adults

    Directory of Open Access Journals (Sweden)

    Swanoski Michael T

    2012-06-01

    Full Text Available Background: Understanding the signs and symptoms of heart attacks and strokes are important not only in saving lives, but also in preserving quality of life. Findings from recent research have yielded that the prevalence of cardiovascular disease risk factors are higher in rural populations, suggesting that adults living in rural locales may be at higher risk for heart attack and/or stroke. Knowledge of heart attack and stroke symptomology as well as calling 911 for a suspected heart attack or stroke are essential first steps in seeking care. This study sought to examine the knowledge of heart attack and stroke symptoms among rural adults in comparison to non-rural adults living in the U.S. Methods: Using multivariate techniques, a cross-sectional analysis of an amalgamated multi-year Behavioral Risk Factor Surveillance Survey (BRFSS) database was performed. The dependent variable for this analysis was low heart attack and stroke knowledge score. The covariates for the analysis were: age, sex, race/ethnicity, annual household income, attained education, health insurance status, having a health care provider (HCP), timing of last routine medical check-up, medical care deferment because of cost, self-defined health status and geographic locale. Results: The weighted n for this study overall was 103,262,115 U.S. adults ≥18 years of age. Approximately 22.0% of these respondents were U.S. adults living in rural locales. Logistic regression analysis revealed that those U.S. adults who had low composite heart attack and stroke knowledge scores were more likely to be rural (OR = 1.218 95%CI 1.216-1.219) rather than non-rural residents. Furthermore, those with low scores were more likely to be: male (OR = 1.353 95%CI 1.352-1.354), >65 years of age (OR = 1.369 95%CI 1.368-1.371), African American (OR = 1.892 95%CI 1.889-1.894), not educated beyond high school (OR = 1.400 95%CI 1.399-1.402), uninsured (OR = 1.308 95%CI 1

  14. An Analysis of Attacks on Blockchain Consensus

    OpenAIRE

    Bissias, George; Levine, Brian Neil; Ozisik, A. Pinar; Andresen, Gavin

    2016-01-01

    We present and validate a novel mathematical model of the blockchain mining process and use it to conduct an economic evaluation of the double-spend attack, which is fundamental to all blockchain systems. Our analysis focuses on the value of transactions that can be secured under a conventional double-spend attack, both with and without a concurrent eclipse attack. Our model quantifies the importance of several factors that determine the attack's success, including confirmation depth, attacke...

  15. Automated classification of computer network attacks

    CSIR Research Space (South Africa)

    Van Heerden, R

    2013-11-01

    Full Text Available according to the relevant types of attack scenarios depicted in the ontology. The two network attack instances are the Distributed Denial of Service attack on SpamHaus in 2013 and the theft of 42 million Rand ($6.7 million) from South African Postbank...

  16. Media use and insomnia after terror attacks in France.

    Science.gov (United States)

    Goodwin, Robin; Lemola, Sakari; Ben-Ezra, Menachem

    2018-03-01

    Direct exposure to traumatic events often precipitates sleep disorders. Sleep disturbance has also been observed amongst those indirectly exposed to trauma, via mass media. However, previous work has focused on traditional media use, rather than contemporary social media. We tested associations between both traditional and social media consumption and insomnia symptoms following 2015 terror attacks in Paris France, controlling for location and post-traumatic symptomology. 1878 respondents, selected to represent the national French population, completed an internet survey a month after the Bataclan attacks (response rate 72%). Respondents indicated different media use, post-traumatic stress and insomnia. Controlling for demographics, location and PTSD, insomnia was associated with both traditional (β 0.10, P = .001) and social media use (β 0.12, P = .001). Associations between social media and insomnia were independent of traditional media use. Interventions targeted at social media may be particularly important following mass trauma. Copyright © 2017 Elsevier Ltd. All rights reserved.

  17. Surveillance and Critical Theory

    Directory of Open Access Journals (Sweden)

    Christian Fuchs

    2015-09-01

    Full Text Available In this comment, the author reflects on surveillance from a critical theory approach, his involvement in surveillance research and projects, and the status of the study of surveillance. The comment ascertains a lack of critical thinking about surveillance, questions the existence of something called “surveillance studies” as opposed to a critical theory of society, and reflects on issues such as Edward Snowden’s revelations, and Foucault and Marx in the context of surveillance.

  18. The Advanced Linked Extended Reconnaissance & Targeting Technology Demonstration project

    Science.gov (United States)

    Edwards, Mark

    2008-04-01

    The Advanced Linked Extended Reconnaissance & Targeting (ALERT) Technology Demonstration (TD) project is addressing many operational needs of the future Canadian Army's Surveillance and Reconnaissance forces. Using the surveillance system of the Coyote reconnaissance vehicle as an experimental platform, the ALERT TD project aims to significantly enhance situational awareness by fusing multi-sensor and tactical data, developing automated processes, and integrating beyond line-of-sight sensing. The project is exploiting important advances made in computer processing capability, displays technology, digital communications, and sensor technology since the design of the original surveillance system. As the major research area within the project, concepts are discussed for displaying and fusing multi-sensor and tactical data within an Enhanced Operator Control Station (EOCS). The sensor data can originate from the Coyote's own visible-band and IR cameras, laser rangefinder, and ground-surveillance radar, as well as from beyond line-of-sight systems such as mini-UAVs and unattended ground sensors. Video-rate image processing has been developed to assist the operator to detect poorly visible targets. As a second major area of research, automatic target cueing capabilities have been added to the system. These include scene change detection, automatic target detection and aided target recognition algorithms processing both IR and visible-band images to draw the operator's attention to possible targets. The merits of incorporating scene change detection algorithms are also discussed. In the area of multi-sensor data fusion, up to Joint Defence Labs level 2 has been demonstrated. The human factors engineering aspects of the user interface in this complex environment are presented, drawing upon multiple user group sessions with military surveillance system operators. The paper concludes with Lessons Learned from the project. 
    The ALERT system has been used in a number of C4ISR

  19. Cyber Attacks and Combat Behavior

    Directory of Open Access Journals (Sweden)

    Carataș Maria Alina

    2017-01-01

    Full Text Available Cyber terrorism is an intangible danger, a real over the corner threat in the life of individuals, organizations, and governments and is getting harder to deal with its damages. The motivations for the cyber-attacks are different, depending on the terrorist group, from cybercrime to hacktivism, attacks over the authorities’ servers. Organizations constantly need to find new ways of strengthening protection against cyber-attacks, assess their cyber readiness, expand the resilience capacity and adopt international security regulations.

  20. Attacks on public telephone networks: technologies and challenges

    Science.gov (United States)

    Kosloff, T.; Moore, Tyler; Keller, J.; Manes, Gavin W.; Shenoi, Sujeet

    2003-09-01

    Signaling System 7 (SS7) is vital to signaling and control in America's public telephone networks. This paper describes a class of attacks on SS7 networks involving the insertion of malicious signaling messages via compromised SS7 network components. Three attacks are discussed in detail: IAM flood attacks, redirection attacks and point code spoofing attacks. Depending on their scale of execution, these attacks can produce effects ranging from network congestion to service disruption. Methods for detecting these denial-of-service attacks and mitigating their effects are also presented.

  1. Optimizing the response to surveillance alerts in automated surveillance systems.

    Science.gov (United States)

    Izadi, Masoumeh; Buckeridge, David L

    2011-02-28

    Although much research effort has been directed toward refining algorithms for disease outbreak alerting, considerably less attention has been given to the response to alerts generated from statistical detection algorithms. Given the inherent inaccuracy in alerting, it is imperative to develop methods that help public health personnel identify optimal policies in response to alerts. This study evaluates the application of dynamic decision making models to the problem of responding to outbreak detection methods, using anthrax surveillance as an example. Adaptive optimization through approximate dynamic programming is used to generate a policy for decision making following outbreak detection. We investigate the degree to which the model can tolerate noise theoretically, in order to keep near optimal behavior. We also evaluate the policy from our model empirically and compare it with current approaches in routine public health practice for investigating alerts. Timeliness of outbreak confirmation and total costs associated with the decisions made are used as performance measures. Using our approach, on average, 80 per cent of outbreaks were confirmed prior to the fifth day of post-attack with considerably less cost compared to response strategies currently in use. Experimental results are also provided to illustrate the robustness of the adaptive optimization approach and to show the realization of the derived error bounds in practice. Copyright © 2011 John Wiley & Sons, Ltd.

  2. Automated Generation of Attack Trees

    DEFF Research Database (Denmark)

    Vigo, Roberto; Nielson, Flemming; Nielson, Hanne Riis

    2014-01-01

    Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error-prone and impracticable for large systems. Nonetheless, the automated generation of attack trees has only been explored in connection to computer networks and levering rich models, whose analysis typically leads to an exponential blow-up of the state space. We propose a static analysis approach where attack trees are automatically inferred from a process algebraic specification in a syntax-directed fashion, encompassing a great many application domains and avoiding incurring systematically an exponential explosion. Moreover, we show how the standard propositional denotation of an attack tree can be used to phrase...

  3. Pareto Efficient Solutions of Attack-Defence Trees

    DEFF Research Database (Denmark)

    Aslanyan, Zaruhi; Nielson, Flemming

    2015-01-01

    Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as probability or cost of attacks and defences. In case of multiple parameters most analytical methods optimise one parameter at a time, e.g., minimise cost or maximise probability of an attack. Such methods may lead to sub-optimal solutions when optimising conflicting parameters, e.g., minimising cost while maximising probability. In order to tackle this challenge, we devise automated techniques that optimise all parameters at once. Moreover, in the case of conflicting parameters our techniques compute the set of all optimal solutions, defined in terms of Pareto efficiency. The developments are carried out...

  4. Different systolic blood pressure targets for people with history of stroke or transient ischaemic attack: PAST-BP (Prevention After Stroke—Blood Pressure) randomised controlled trial

    Science.gov (United States)

    McManus, Richard J; Roalfe, Andrea; Fletcher, Kate; Taylor, Clare J; Martin, Una; Virdee, Satnam; Greenfield, Sheila; Hobbs, F D Richard

    2016-01-01

    Objective To assess whether using intensive blood pressure targets leads to lower blood pressure in a community population of people with prevalent cerebrovascular disease. Design Open label randomised controlled trial. Setting 99 general practices in England, with participants recruited in 2009-11. Participants People with a history of stroke or transient ischaemic attack whose systolic blood pressure was 125 mm Hg or above. Interventions Intensive systolic blood pressure target (different target, patients in both arms were actively managed in the same way with regular reviews by the primary care team. Main outcome measure Change in systolic blood pressure between baseline and 12 months. Results 529 patients (mean age 72) were enrolled, 266 to the intensive target arm and 263 to the standard target arm, of whom 379 were included in the primary analysis (182 (68%) intensive arm; 197 (75%) standard arm). 84 patients withdrew from the study during the follow-up period (52 intensive arm; 32 standard arm). Mean systolic blood pressure dropped by 16.1 mm Hg to 127.4 mm Hg in the intensive target arm and by 12.8 mm Hg to 129.4 mm Hg in the standard arm (difference between groups 2.9 (95% confidence interval 0.2 to 5.7) mm Hg; P=0.03). Conclusions Aiming for target below 130 mm Hg rather than 140 mm Hg for systolic blood pressure in people with cerebrovascular disease in primary care led to a small additional reduction in blood pressure. Active management of systolic blood pressure in this population using a blood pressure. Trial registration Current Controlled Trials ISRCTN29062286. PMID:26919870

  5. Review of On-Scene Management of Mass-Casualty Attacks

    Directory of Open Access Journals (Sweden)

    Annelie Holgersson

    2016-02-01

    Background: The scene of a mass-casualty attack (MCA) entails a crime scene, a hazardous space, and a great number of people needing medical assistance. Public transportation has been the target of such attacks and involves a high probability of generating mass casualties. The review aimed to investigate challenges for on-scene responses to MCAs and suggestions made to counter these challenges, with special attention given to attacks on public transportation and associated terminals. Methods: Articles were found through PubMed and Scopus, “relevant articles” as defined by the databases, and a manual search of references. Inclusion criteria were that the article referred to attack(s) and/or a public transportation-related incident and issues concerning formal on-scene response. An appraisal of the articles’ scientific quality was conducted based on an evidence hierarchy model developed for the study. Results: One hundred and five articles were reviewed. Challenges for command and coordination on scene included establishing leadership, inter-agency collaboration, multiple incident sites, and logistics. Safety issues entailed knowledge and use of personal protective equipment, risk awareness and expectations, cordons, dynamic risk assessment, defensive versus offensive approaches, and joining forces. Communication concerns were equipment shortfalls, dialoguing, and providing information. Assessment problems were scene layout and interpreting environmental indicators as well as understanding setting-driven needs for specialist skills and resources. Triage and treatment difficulties included differing triage systems, directing casualties, uncommon injuries, field hospitals, level of care, providing psychological and pediatric care. Transportation hardships included scene access, distance to hospitals, and distribution of casualties. Conclusion: Commonly encountered challenges during unintentional incidents were added to during MCAs

  6. Ideology, Critique and Surveillance

    Directory of Open Access Journals (Sweden)

    Heidi Herzogenrath-Amelung

    2013-11-01

    The 2013 revelations concerning global surveillance programmes demonstrate in unprecedented clarity the need for Critical Theory of information and communication technologies (ICTs) to address the mechanisms and implications of increasingly global, ubiquitous surveillance. This is all the more urgent because of the dominance of the “surveillance ideology” (the promise of security through surveillance) that supports the political economy of surveillance. This paper asks which theoretical arguments and concepts can be useful for philosophically grounding a critique of this surveillance ideology. It begins by examining how the surveillance ideology works through language and introduces the concept of the ‘ideological packaging’ of ICTs to show how rhetoric surrounding the implementation of surveillance technologies reinforces the surveillance ideology. It then raises the problem of how ideology-critique can work if it relies on language itself and argues that Martin Heidegger’s philosophy can make a useful contribution to existing critical approaches to language.

  7. Cross-site scripting attacks procedure and Prevention Strategies

    Directory of Open Access Journals (Sweden)

    Wang Xijun

    2016-01-01

    Cross-site scripting attacks and defense has been the site of attack and defense is an important issue, this paper, the definition of cross-site scripting attacks, according to the current understanding of the chaos on the cross-site scripting, analyzes the causes and harm cross-site scripting attacks formation of attacks XSS complete process XSS attacks made a comprehensive analysis, and then for the web program includes Mobility there are cross-site scripting filter laxity given from ordinary users browse the web and web application developers two the defense cross-site scripting attacks effective strategy.

  8. Heart Attack Symptoms in Women

    Science.gov (United States)

    ... fat, cholesterol and other substances (plaque). Watch an animation of a heart attack. Many women think the ...

  9. On the anatomy of social engineering attacks : A literature-based dissection of successful attacks

    NARCIS (Netherlands)

    Bullee, Jan-Willem; Montoya, L.; Pieters, Wolter; Junger, Marianne; Hartel, Pieter H.

    The aim of this study was to explore the extent to which persuasion principles are used in successful social engineering attacks. Seventy-four scenarios were extracted from 4 books on social engineering (written by social engineers) and analysed. Each scenario was split into attack steps, containing

  10. Programmable Logic Controller Modification Attacks for use in Detection Analysis

    Science.gov (United States)

    2014-03-27

    AFIT-ENG-14-M-66 Abstract Unprotected Supervisory Control and Data Acquisition (SCADA) systems offer...control and monitor physical industrial processes. Although attacks targeting SCADA systems have increased, there has been little work exploring the

  11. DDOS ATTACK DETECTION SIMULATION AND HANDLING MECHANISM

    Directory of Open Access Journals (Sweden)

    Ahmad Sanmorino

    2013-11-01

    In this study we discuss how to handle DDoS attacks coming from an attacker by using a detection method and a handling mechanism. Detection is performed by comparing the number of packets and the number of flows, whereas the handling mechanism is performed by limiting or dropping the packets detected as a DDoS attack. The study begins with a simulation on a real network, which aims to obtain real traffic data. The dumped traffic data obtained from the simulation is then used for the detection method in our prototype system called DASHM (DDoS Attack Simulation and Handling Mechanism). From the results of the experiments conducted, the proposed method successfully detects DDoS attacks and handles the incoming packets sent by the attacker.

  12. Model checking exact cost for attack scenarios

    DEFF Research Database (Denmark)

    Aslanyan, Zaruhi; Nielson, Flemming

    2017-01-01

    Attack trees constitute a powerful tool for modelling security threats. Many security analyses of attack trees can be seamlessly expressed as model checking of Markov Decision Processes obtained from the attack trees, thus reaping the benefits of a coherent framework and a mature tool support. However, current model checking does not encompass the exact cost analysis of an attack, which is standard for attack trees. Our first contribution is the logic erPCTL with cost-related operators. The extended logic allows to analyse the probability of an event satisfying given cost bounds and to compute the exact cost of an event. Our second contribution is the model checking algorithm for erPCTL. Finally, we apply our framework to the analysis of attack trees.

  13. Brain Tissue Volumes and Perfusion Change with the Number of Optic Neuritis Attacks in Relapsing Neuromyelitis Optica: A Voxel-Based Correlation Study.

    Directory of Open Access Journals (Sweden)

    Carlos A Sánchez-Catasús

    Recent neuroimaging studies show that brain abnormalities in neuromyelitis optica (NMO) are more frequent than earlier described. Yet, more research considering multiple aspects of NMO is necessary to better understand these abnormalities. A clinical feature of relapsing NMO (RNMO) is that the incremental disability is attack-related. Therefore, association between the attack-related process and neuroimaging might be expected. On the other hand, the immunopathological analysis of NMO lesions has suggested that CNS microvasculature could be an early disease target, which could alter brain perfusion. Brain tissue volume changes accompanying perfusion alteration could also be expected throughout the attack-related process. The aim of this study was to investigate in RNMO patients, by voxel-based correlation analysis, the assumed associations between regional brain white (WMV) and grey matter volumes (GMV) and/or perfusion on one side, and the number of optic neuritis (ON) attacks, myelitis attacks and/or total attacks on the other side. For this purpose, high resolution T1-weighted MRI and perfusion SPECT imaging were obtained in 15 RNMO patients. The results showed negative regional correlations of WMV, GMV and perfusion with the number of ON attacks, involving important components of the visual system, which could be relevant for the comprehension of incremental visual disability in RNMO. We also found positive regional correlation of perfusion with the number of ON attacks, mostly overlapping the brain area where the WMV showed negative correlation. This provides evidence that brain microvasculature is an early disease target and suggests that perfusion alteration could be important in the development of brain structural abnormalities in RNMO.

  14. Who is Surveilling Whom?

    DEFF Research Database (Denmark)

    Mortensen, Mette

    2014-01-01

    This article concerns the particular form of counter-surveillance termed “sousveillance”, which aims to turn surveillance at the institutions responsible for surveillance. Drawing on the theoretical perspectives “mediatization” and “aerial surveillance,” the article studies WikiLeaks’ publication...

  15. Visualization of the Serratia Type VI Secretion System Reveals Unprovoked Attacks and Dynamic Assembly

    Directory of Open Access Journals (Sweden)

    Amy J. Gerc

    2015-09-01

    The Type VI secretion system (T6SS) is a bacterial nanomachine that fires toxic proteins into target cells. Deployment of the T6SS represents an efficient and widespread means by which bacteria attack competitors or interact with host organisms and may be triggered by contact from an attacking neighbor cell as a defensive strategy. Here, we use the opportunist pathogen Serratia marcescens and functional fluorescent fusions of key components of the T6SS to observe different subassemblies of the machinery simultaneously and on multiple timescales in vivo. We report that the localization and dynamic behavior of each of the components examined is distinct, revealing a multi-stage and dynamic assembly process for the T6SS machinery. We also show that the T6SS can assemble and fire without needing a cell contact trigger, defining an aggressive strategy that broadens target range and suggesting that activation of the T6SS is tailored to survival in specific niches.

  16. Visualization of the Serratia Type VI Secretion System Reveals Unprovoked Attacks and Dynamic Assembly

    Science.gov (United States)

    Gerc, Amy J.; Diepold, Andreas; Trunk, Katharina; Porter, Michael; Rickman, Colin; Armitage, Judith P.; Stanley-Wall, Nicola R.; Coulthurst, Sarah J.

    2015-01-01

    Summary The Type VI secretion system (T6SS) is a bacterial nanomachine that fires toxic proteins into target cells. Deployment of the T6SS represents an efficient and widespread means by which bacteria attack competitors or interact with host organisms and may be triggered by contact from an attacking neighbor cell as a defensive strategy. Here, we use the opportunist pathogen Serratia marcescens and functional fluorescent fusions of key components of the T6SS to observe different subassemblies of the machinery simultaneously and on multiple timescales in vivo. We report that the localization and dynamic behavior of each of the components examined is distinct, revealing a multi-stage and dynamic assembly process for the T6SS machinery. We also show that the T6SS can assemble and fire without needing a cell contact trigger, defining an aggressive strategy that broadens target range and suggesting that activation of the T6SS is tailored to survival in specific niches. PMID:26387948

  17. NETWORK SECURITY ATTACKS. ARP POISONING CASE STUDY

    Directory of Open Access Journals (Sweden)

    Luminiţa DEFTA

    2010-12-01

    ARP poisoning is one of the most common attacks in a switched network. A switch is a network device that limits the ability of attackers that use a packet sniffer to gain access to information from internal network traffic. However, using ARP poisoning the traffic between two computers can be intercepted even in a network that uses switches. This method is known as man in the middle attack. With this type of attack the affected stations from a network will have invalid entries in the ARP table. Thus, it will contain only the correspondence between the IP addresses of the stations from the same network and a single MAC address (the station that initiated the attack). In this paper we present step by step the initiation of such an attack in a network with three computers. We will intercept the traffic between two stations using the third one (the attacker).

  18. SOA-surveillance Nederland

    NARCIS (Netherlands)

    Rijlaarsdam J; Bosman A; Laar MJW van de; CIE

    2000-01-01

    In May 1999 a working group was started to evaluate the current surveillance systems for sexually transmitted diseases (STD) and to make suggestions for a renewed effective and efficient STD surveillance system in the Netherlands. The surveillance system has to provide insight into the prevalence

  19. Nadzor vazdušnog prostora pasivnim multisenzorskim sistemima / Air surveillance by passive multisensor systems

    Directory of Open Access Journals (Sweden)

    Miljko Erić

    2004-05-01

    For conducting modern operations, at both the operational-strategic and the tactical level, it is extremely important to provide continuous air surveillance. It is well known that active radar systems, on which air surveillance in our country is currently based, are very vulnerable in wartime and susceptible to the enemy's electronic and combat actions, which was confirmed in practice during the 1999 war. As an alternative to active radar systems, the concept of passive air surveillance using distributed multisensor systems suggests itself. The subject of our wider research is technical solutions for an integrated multisensor system for passive air surveillance, consisting of the following air surveillance subsystems: one based on radio direction finding in the frequency range 20-3000 MHz, one based on sound ranging, one based on visual observation stations, and ones based on thermal imaging and television. This paper analyzes the general principles of passive air surveillance by multisensor systems and proposes a technical concept for the radio direction-finding and sound-ranging subsystems.

  20. Attack Graph Construction for Security Events Analysis

    Directory of Open Access Journals (Sweden)

    Andrey Alexeevich Chechulin

    2014-09-01

    The paper is devoted to the investigation of the attack graph construction and analysis task for network security evaluation and real-time security event processing. The main object of this research is the attack modeling process. The paper contains a description of the attack graph building, modifying and analysis technique as well as an overview of the implemented prototype for network security analysis based on the attack graph approach.

  1. Automated Discovery of Mimicry Attacks

    National Research Council Canada - National Science Library

    Giffin, Jonathon T; Jha, Somesh; Miller, Barton P

    2006-01-01

    .... These systems are useful only if they detect actual attacks. Previous research developed manually-constructed mimicry and evasion attacks that avoided detection by hiding a malicious series of system calls within a valid sequence allowed by the model...

  2. IDMA: improving the defense against malicious attack for mobile ad hoc networks based on ARIP protocol

    Science.gov (United States)

    Peng, Chaorong; Chen, Chang Wen

    2008-04-01

    Malicious nodes are mounting increasingly sophisticated attacking operations on Mobile Ad Hoc Networks (MANETs). This is mainly because IP-based MANETs are vulnerable to attacks by various malicious nodes. However, the defense against malicious attack can be improved when a new layer of network architecture is developed to keep the true IP address from being disclosed to the malicious nodes. In this paper, we propose a new algorithm to improve the defense against malicious attack (IDMA) that is based on a recently developed Assignment Router Identify Protocol (ARIP) for clustering-based MANET management. In the ARIP protocol, we design the ARIP architecture based on the new Identity instead of the vulnerable IP addresses to provide the required security that is embedded seamlessly into the overall network architecture. We make full use of ARIP's special property to monitor gateway forward packets by Reply Request Route Packets (RREP) without an additional intrusion detection layer. We name this new algorithm IDMA because of its inherent capability to improve the defense against malicious attacks. Through IDMA, a watching algorithm can be established so as to counterattack the malicious node in the routing path when it unusually drops packets. We provide analysis examples for IDMA for the defense against a malicious node that disrupts the route discovery by impersonating the destination, or by responding with a state of corrupted routing information, or by disseminating forged control traffic. The IDMA algorithm is able to counterattack the malicious node in the cases when the node launches a DoS attack by broadcasting a large number of route requests, or causes Target traffic congestion by delivering a huge amount of data, or spoofs the IP addresses and sends forged packets with a fake ID to the same Target, causing traffic congestion at that destination. We have implemented the IDMA algorithm using the GloMoSim simulator and have demonstrated its performance under a variety of

  3. Polio eradication initiative in Africa: influence on other infectious disease surveillance development

    Directory of Open Access Journals (Sweden)

    Cochi Stephen

    2002-12-01

    Abstract Background The World Health Organization (WHO) and partners are collaborating to eradicate poliomyelitis. To monitor progress, countries perform surveillance for acute flaccid paralysis (AFP). The WHO African Regional Office (WHO-AFRO) and the U.S. Centers for Disease Control and Prevention are also involved in strengthening infectious disease surveillance and response in Africa. We assessed whether polio-eradication initiative resources are used in the surveillance for and response to other infectious diseases in Africa. Methods During October 1999-March 2000, we developed and administered a survey questionnaire to at least one key informant from the 38 countries that regularly report on polio activities to WHO. The key informants included WHO-AFRO staff assigned to the countries and Ministry of Health personnel. Results We obtained responses from 32 (84%) of the 38 countries. Thirty-one (97%) of the 32 countries had designated surveillance officers for AFP surveillance, and 25 (78%) used the AFP resources for the surveillance and response to other infectious diseases. In 28 (87%) countries, AFP program staff combined detection for AFP and other infectious diseases. Fourteen countries (44%) had used the AFP laboratory specimen transportation system to transport specimens to confirm other infectious disease outbreaks. The majority of the countries that performed AFP surveillance adequately (i.e., non polio AFP rate = 1/100,000 children aged Conclusions Despite concerns regarding the targeted nature of AFP surveillance, it is partially integrated into existing surveillance and response systems in multiple African countries. Resources provided for polio eradication should be used to improve surveillance for and response to other priority infectious diseases in Africa.

  4. Performance Evaluation of Localization Accuracy for a Log-Normal Shadow Fading Wireless Sensor Network under Physical Barrier Attacks.

    Science.gov (United States)

    Hussein, Ahmed Abdulqader; Rahman, Tharek A; Leow, Chee Yen

    2015-12-04

    Localization is an apparent aspect of a wireless sensor network, which is the focus of much interesting research. One of the severe conditions that needs to be taken into consideration is localizing a mobile target through a dispersed sensor network in the presence of physical barrier attacks. These attacks confuse the localization process and cause location estimation errors. Range-based methods, like the received signal strength indication (RSSI), face the major influence of this kind of attack. This paper proposes a solution based on a combination of multi-frequency multi-power localization (C-MFMPL) and step function multi-frequency multi-power localization (SF-MFMPL), including the fingerprint matching technique and lateration, to provide a robust and accurate localization technique. In addition, this paper proposes a grid coloring algorithm to detect the signal hole map in the network, which refers to the attack-prone regions, in order to carry out corrective actions. The simulation results show the enhancement and robustness of RSS localization performance in the face of log normal shadow fading effects, besides the presence of physical barrier attacks, through detecting, filtering and eliminating the effect of these attacks.

  5. Performance Evaluation of Localization Accuracy for a Log-Normal Shadow Fading Wireless Sensor Network under Physical Barrier Attacks

    Science.gov (United States)

    Abdulqader Hussein, Ahmed; Rahman, Tharek A.; Leow, Chee Yen

    2015-01-01

    Localization is an apparent aspect of a wireless sensor network, which is the focus of much interesting research. One of the severe conditions that needs to be taken into consideration is localizing a mobile target through a dispersed sensor network in the presence of physical barrier attacks. These attacks confuse the localization process and cause location estimation errors. Range-based methods, like the received signal strength indication (RSSI), face the major influence of this kind of attack. This paper proposes a solution based on a combination of multi-frequency multi-power localization (C-MFMPL) and step function multi-frequency multi-power localization (SF-MFMPL), including the fingerprint matching technique and lateration, to provide a robust and accurate localization technique. In addition, this paper proposes a grid coloring algorithm to detect the signal hole map in the network, which refers to the attack-prone regions, in order to carry out corrective actions. The simulation results show the enhancement and robustness of RSS localization performance in the face of log normal shadow fading effects, besides the presence of physical barrier attacks, through detecting, filtering and eliminating the effect of these attacks. PMID:26690159

  6. Transforming Graphical System Models to Graphical Attack Models

    DEFF Research Database (Denmark)

    Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, Rene Rydhof

    2016-01-01

    Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations ... approach to transforming graphical system models to graphical attack models in the form of attack trees. Based on an asset in the model, our transformations result in an attack tree that represents attacks by all possible actors in the model, after which the actor in question has obtained the asset.

  7. When Sinuses Attack! (For Kids)

    Science.gov (United States)


  8. Assessment for the potential of Stuxnet attack on research reactor in Indonesia

    International Nuclear Information System (INIS)

    Eko H Riyadi

    2013-01-01

    Since its discovery in June 2010, the malware named Stuxnet has electrified the world. The malware attracted the attention of the media and security experts because it infects industrial instrumentation and control systems and caused significant damage. Stuxnet is a sophisticated kind of computer malware designed to sabotage industrial processes controlled by Siemens SIMATIC WinCC and PCS7. The malware, developed to attack Iran's nuclear facilities, has very specific goals and is designed to infect Siemens SCADA systems that are set up to control and monitor industrial processes. In Indonesia there are 3 research reactors, i.e. Kartini in Jogjakarta, TRIGA in Bandung and RSG GA Siwabessy in Serpong. The last reactor has the largest capacity and uses an instrumentation and control system made by Siemens. This study aims to determine the potential of a Stuxnet attack on the research reactor by studying and analysing the malware. Given the configuration of the control system on the research reactors, it is not impossible that they will be a target of Stuxnet attacks, as Iran's nuclear facility in Natanz was. Although some security and antivirus experts have developed system patches and removal tools to fix this malware, the role of regulatory bodies is still needed to ensure that instrumentation and control systems in research reactors are totally safe and secure from malware attacks. (author)

  9. Heart Attack

    Science.gov (United States)

    ... properly causes your body's blood sugar levels to rise, increasing your risk of heart attack. Metabolic syndrome. This occurs when you have obesity, high blood pressure and high blood sugar. Having metabolic ...

  10. Capacity building efforts and perceptions for wildlife surveillance to detect zoonotic pathogens: comparing stakeholder perspectives.

    Science.gov (United States)

    Schwind, Jessica S; Goldstein, Tracey; Thomas, Kate; Mazet, Jonna A K; Smith, Woutrina A

    2014-07-04

    The capacity to conduct zoonotic pathogen surveillance in wildlife is critical for the recognition and identification of emerging health threats. The PREDICT project, a component of United States Agency for International Development's Emerging Pandemic Threats program, has introduced capacity building efforts to increase zoonotic pathogen surveillance in wildlife in global 'hot spot' regions where zoonotic disease emergence is likely to occur. Understanding priorities, challenges, and opportunities from the perspectives of the stakeholders is a key component of any successful capacity building program. A survey was administered to wildlife officials and to PREDICT-implementing in-country project scientists in 16 participating countries in order to identify similarities and differences in perspectives between the groups regarding capacity needs for zoonotic pathogen surveillance in wildlife. Both stakeholder groups identified some human-animal interfaces (i.e. areas of high contact between wildlife and humans with the potential risk for disease transmission), such as hunting and markets, as important for ongoing targeting of wildlife surveillance. Similarly, findings regarding challenges across stakeholder groups showed some agreement in that a lack of sustainable funding across regions was the greatest challenge for conducting wildlife surveillance for zoonotic pathogens (wildlife officials: 96% and project scientists: 81%). However, the opportunity for improving zoonotic pathogen surveillance capacity identified most frequently by wildlife officials as important was increasing communication or coordination among agencies, sectors, or regions (100% of wildlife officials), whereas the most frequent opportunities identified as important by project scientists were increasing human capacity, increasing laboratory capacity, and the growing interest or awareness regarding wildlife disease or surveillance programs (all identified by 69% of project scientists). A One

  11. Software-based Microarchitectural Attacks

    OpenAIRE

    Gruss, Daniel

    2017-01-01

    Modern processors are highly optimized systems where every single cycle of computation time matters. Many optimizations depend on the data that is being processed. Software-based microarchitectural attacks exploit effects of these optimizations. Microarchitectural side-channel attacks leak secrets from cryptographic computations, from general purpose computations, or from the kernel. This leakage even persists across all common isolation boundaries, such as processes, containers, and virtual ...

  12. WHO Regional Office for Europe guidance for influenza surveillance in humans.

    NARCIS (Netherlands)

    Brown, C.S.; Andraghetti, R.; Paget, J.

    2009-01-01

    Recent international mandates, and the emergent circulation of pandemic (H1N1) 2009 virus in human populations, call for strengthening influenza surveillance to better target seasonal influenza control programmes and support pandemic preparedness. This document provides technical guidance to

  13. Integrating cyber attacks within fault trees

    International Nuclear Information System (INIS)

    Nai Fovino, Igor; Masera, Marcelo; De Cian, Alessio

    2009-01-01

    In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

  14. Integrating cyber attacks within fault trees

    Energy Technology Data Exchange (ETDEWEB)

    Nai Fovino, Igor [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy)], E-mail: igor.nai@jrc.it; Masera, Marcelo [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy)]; De Cian, Alessio [Department of Electrical Engineering, University di Genova, Genoa (Italy)]

    2009-09-15

    In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

  15. Attack and Vulnerability Penetration Testing: FreeBSD

    Directory of Open Access Journals (Sweden)

    Abdul Hanan Abdullah

    2013-07-01

    Computer system security has become a major concern over the past few years. Attacks, threats or intrusions against computer systems and networks have become commonplace events. However, there are some system devices and other tools available to overcome the threat of these attacks. Currently, cyber attack is a major and inevitable research area. This paper presents some steps of penetration in the FreeBSD operating system, some tools and new attack steps used in this experiment, probes for reconnaissance, password guessing via brute force, gaining privileged access and flooding the victim machine to decrease availability. All these attacks were executed and infiltrated within the environment of the Intrusion Threat Detection Universiti Teknologi Malaysia (ITD UTM) data set. This work is expected to be a reference for practitioners to prepare their systems against Internet attacks.

  16. Racial targeting of sexual violence in Darfur.

    Science.gov (United States)

    Hagan, John; Rymond-Richmond, Wenona; Palloni, Alberto

    2009-08-01

    We used the Atrocities Documentation Survey to determine whether Sudanese government forces were involved in racially targeting sexual victimization toward ethnically African women in the Darfur region of western Sudan. The US State Department conducted the survey by interviewing a randomized multistage probability sample of 1136 Darfur refugees at 20 sites in Chad in 2004. For a subset of 932 respondents who had fled from village clusters that accounted for 15 or more respondents per cluster, we used hierarchical linear models to analyze village-level patterns of reported sexual violence. We statistically controlled for individual sexual victimization to remove bias. Respondents reported being subjected to racial epithets associated with sexual victimization significantly more often during combined attacks by Sudanese government forces and Janjaweed militia forces than during separate attacks by either force. Combined attacks by Sudanese government forces and Janjaweed militia forces led to racial epithets being used more often during sexual victimization in Darfur. Our results suggest that the Sudanese government is participating in the use of sexual assault as a racially targeted weapon against ethnically African civilians.

  17. Superposition Attacks on Cryptographic Protocols

    DEFF Research Database (Denmark)

    Damgård, Ivan Bjerre; Funder, Jakob Løvstad; Nielsen, Jesper Buus

    2011-01-01

    Attacks on classical cryptographic protocols are usually modeled by allowing an adversary to ask queries from an oracle. Security is then defined by requiring that as long as the queries satisfy some constraint, there is some problem the adversary cannot solve, such as compute a certain piece of information. In this paper, we introduce a fundamentally new model of quantum attacks on classical cryptographic protocols, where the adversary is allowed to ask several classical queries in quantum superposition. This is a strictly stronger attack than the standard one, and we consider the security of several primitives in this model. We show that a secret-sharing scheme that is secure with threshold $t$ in the standard model is secure against superposition attacks if and only if the threshold is lowered to $t/2$. We use this result to give zero-knowledge proofs for all of NP in the common reference...

  18. Moving Target Techniques: Leveraging Uncertainty for Cyber Defense

    Science.gov (United States)

    2015-12-15

    program’s source code and is not possible with proprietary, third-party software for which source code is not made available. Furthermore, ensuring ... implemented in most modern operating systems including Linux, Windows, Mac OSX, Android, and iOS. By randomizing the addresses, ASLR makes exploit ... applications, and software versions that are running on the target machine to develop an attack against it. During the third phase, the attacker

  19. Recurrent spontaneous attacks of dizziness.

    Science.gov (United States)

    Lempert, Thomas

    2012-10-01

    This article describes the common causes of recurrent vertigo and dizziness that can be diagnosed largely on the basis of history. Ninety percent of spontaneous recurrent vertigo and dizziness can be explained by six disorders: (1) Ménière disease is characterized by vertigo attacks, lasting 20 minutes to several hours, with concomitant hearing loss, tinnitus, and aural fullness. Aural symptoms become permanent during the course of the disease. (2) Attacks of vestibular migraine may last anywhere from minutes to days. Most patients have a previous history of migraine headaches, and many experience migraine symptoms during the attack. (3) Vertebrobasilar TIAs affect older adults with vascular risk factors. Most attacks last less than 1 hour and are accompanied by other symptoms from the posterior circulation territory. (4) Vestibular paroxysmia is caused by vascular compression of the eighth cranial nerve. It manifests itself with brief attacks of vertigo that recur many times per day, sometimes with concomitant cochlear symptoms. (5) Orthostatic hypotension causes brief episodes of dizziness lasting seconds to a few minutes after standing up and is relieved by sitting or lying down. In older adults, it may be accompanied by supine hypertension. (6) Panic attacks usually last minutes, occur in specific situations, and are accompanied by choking, palpitations, tremor, heat, and anxiety. Less common causes of spontaneous recurrent vertigo and dizziness include perilymph fistula, superior canal dehiscence, autoimmune inner ear disease, otosclerosis, cardiac arrhythmia, and medication side effects. Neurologists need to venture into otolaryngology, internal medicine, and psychiatry to master the differential diagnosis of recurrent dizziness.

  20. The art of survival after an atomic attack

    International Nuclear Information System (INIS)

    Haarland, C.M.; Chester, C.V.; Wigner, E.P.

    1978-01-01

    Carsten M. Haarland, Conrad V. Chester and Eugene P. Wigner have been appointed by the American civil protection service to look into the question of how one may protect the providently evacuated population and supply the latter with food, water and other essential goods after a nuclear attack on military and industrial targets, as well as on living areas. The report of the three US scientists is over 200 pages long. Extracts from the concluding chapter are given here whose translation first appeared in the information leaflet Nr. 268/77 of the International Organisation for Civil Defence, Geneva. (orig.) [de

  1. Shark Attack Project - Marine Attack at Towed Hydrophone Arrays

    National Research Council Canada - National Science Library

    Kalmijn, Adrianus J

    2005-01-01

    The original objective of the SIO Marine Attack project was to identify the electric and magnetic fields causing sharks to inflict serious damage upon the towed hydrophone arrays of US Navy submarines...

  2. Novel Method For Low-Rate DDoS Attack Detection

    Science.gov (United States)

    Chistokhodova, A. A.; Sidorov, I. D.

    2018-05-01

    The relevance of the work is associated with an increasing number of advanced types of DDoS attacks, in particular, low-rate HTTP-flood. Last year, the power and complexity of such attacks increased significantly. The article is devoted to the analysis of DDoS attack detection methods and their modifications with the purpose of increasing the accuracy of DDoS attack detection. The article details the features of low-rate attacks in comparison with conventional DDoS attacks. During the analysis, significant shortcomings of the available method for detecting low-rate DDoS attacks were found. Thus, the result of the study is an informal description of a new method for detecting low-rate denial-of-service attacks. The architecture of the stand for approbation of the method is developed. At the current stage of the study, it is possible to improve the efficiency of an already existing method by using a classifier with memory, as well as additional information.

  3. Heart Attack

    Science.gov (United States)

    ... family history of heart attack race – African Americans, Mexican Americans, Native Americans, and native Hawaiians are at ... Your doctor will prescribe the medicines that are right for you. If you have had a heart ...

  4. Public health preparedness and response to a radiological terrorist attack

    International Nuclear Information System (INIS)

    Yamaguchi, Ichiro

    2016-01-01

    Given the potential for intentional malevolent acts, the security of radioactive sources should be ensured. In the event of a terrorist attack using a radioactive source, we should care not only about health concerns of victims, especially including first responders who suffer from radiation injury, but also public health activities with affected people during the long recovery phase. Regarding the radiological public health viewpoint, preventive efforts are also important. In fact, regulatory reform is progressing in Japan according to the code of conduct issued by IAEA. One of the difficulties of countermeasures for the security of radioactive sources in Japan is to establish a disposal facility for disused sealed radioactive sources, since radioactive waste has been additionally a point of contention in society since the nuclear disaster. This paper presents an overview of countermeasures for terrorist attacks using a radioactive source, from the viewpoint of public health in Japan including the results of survey targeted hospitals equipped with blood irradiation machines. (author)

  5. Higher coronary heart disease and heart attack morbidity in Appalachian coal mining regions

    Energy Technology Data Exchange (ETDEWEB)

    Hendryx, M.; Zullig, K.J. [West Virginia University, Morgantown, WV (United States). Dept. of Community Medicine]

    2009-11-15

    This study analyzes the U.S. 2006 Behavioral Risk Factor Surveillance System survey data (N = 235,783) to test whether self-reported cardiovascular disease rates are higher in Appalachian coal mining counties compared to other counties after control for other risks. Dependent variables include self-reported measures of ever (1) being diagnosed with cardiovascular disease (CVD) or with a specific form of CVD including (2) stroke, (3) heart attack, or (4) angina or coronary heart disease (CHD). Independent variables included coal mining, smoking, BMI, drinking, physician supply, diabetes co-morbidity, age, race/ethnicity, education, income, and others. SUDAAN Multilog models were estimated, and odds ratios tested for coal mining effects. After control for covariates, people in Appalachian coal mining areas reported significantly higher risk of CVD (OR = 1.22, 95% CI = 1.14-1.30), angina or CHD (OR = 1.29, 95% CI = 1.19-1.39) and heart attack (OR = 1.19, 95% CI = 1.10-1.30). Effects were present for both men and women. Cardiovascular diseases have been linked to both air and water contamination in ways consistent with toxicants found in coal and coal processing. Future research is indicated to assess air and water quality in coal mining communities in Appalachia, with corresponding environmental programs and standards established as indicated.

  6. Automatic Classification of Attacks on IP Telephony

    Directory of Open Access Journals (Sweden)

    Jakub Safarik

    2013-01-01

    This article proposes an algorithm for automatic analysis of attack data in an IP telephony network with a neural network. Data for the analysis is gathered from various monitoring applications running in the network. These monitoring systems are a typical part of today's networks. Information from them is usually used after an attack. It is possible to use an automatic classification of IP telephony attacks for nearly real-time classification and counter attack or mitigation of potential attacks. The classification uses the proposed neural network, and the article covers the design of the neural network and its practical implementation. It also contains methods for neural network learning and data gathering functions from a honeypot application.

  7. Further attacks on Yeung-Mintzer fragile watermarking scheme

    Science.gov (United States)

    Fridrich, Jessica; Goljan, Miroslav; Memon, Nasir D.

    2000-05-01

    In this paper, we describe new and improved attacks on the authentication scheme previously proposed by Yeung and Mintzer. Previous attacks assumed that the binary watermark logo inserted in an image for the purposes of authentication was known. Here we remove that assumption and show how the scheme is still vulnerable, even if the binary logo is not known but the attacker has access to multiple images that have been watermarked with the same secret key and contain the same (but unknown) logo. We present two attacks. The first attack infers the secret watermark insertion function and the binary logo, given multiple images authenticated with the same key and containing the same logo. We show that a very good approximation to the logo and watermark insertion function can be constructed using as few as two images. With color images, one needs many more images, nevertheless the attack is still feasible. The second attack we present, which we call the 'collage-attack' is a variation of the Holliman-Memon counterfeiting attack. The proposed variation does not require knowledge of the watermark logo and produces counterfeits of superior quality by means of a suitable dithering process that we develop.

  8. Pareto Efficient Solution of Attack-Defence Trees

    NARCIS (Netherlands)

    Aslanyan, Zaruhi; Nielson, Flemming

    Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as

  9. Genetic attack on neural cryptography.

    Science.gov (United States)

    Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

    2006-03-01

    Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size.

  10. Genetic attack on neural cryptography

    International Nuclear Information System (INIS)

    Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

    2006-01-01

    Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size

  11. Genetic attack on neural cryptography

    Science.gov (United States)

    Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

    2006-03-01

    Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size.

  12. Development of the Diabetes Technology Society Blood Glucose Monitor System Surveillance Protocol.

    Science.gov (United States)

    Klonoff, David C; Lias, Courtney; Beck, Stayce; Parkes, Joan Lee; Kovatchev, Boris; Vigersky, Robert A; Arreaza-Rubin, Guillermo; Burk, Robert D; Kowalski, Aaron; Little, Randie; Nichols, James; Petersen, Matt; Rawlings, Kelly; Sacks, David B; Sampson, Eric; Scott, Steve; Seley, Jane Jeffrie; Slingerland, Robbert; Vesper, Hubert W

    2016-05-01

    Inaccurate blood glucose monitoring systems (BGMSs) can lead to adverse health effects. The Diabetes Technology Society (DTS) Surveillance Program for cleared BGMSs is intended to protect people with diabetes from inaccurate, unreliable BGMS products that are currently on the market in the United States. The Surveillance Program will provide an independent assessment of the analytical performance of cleared BGMSs. The DTS BGMS Surveillance Program Steering Committee included experts in glucose monitoring, surveillance testing, and regulatory science. Over one year, the committee engaged in meetings and teleconferences aiming to describe how to conduct BGMS surveillance studies in a scientifically sound manner that is in compliance with good clinical practice and all relevant regulations. A clinical surveillance protocol was created that contains performance targets and analytical accuracy-testing studies with marketed BGMS products conducted by qualified clinical and laboratory sites. This protocol entitled "Protocol for the Diabetes Technology Society Blood Glucose Monitor System Surveillance Program" is attached as supplementary material. This program is needed because currently once a BGMS product has been cleared for use by the FDA, no systematic postmarket Surveillance Program exists that can monitor analytical performance and detect potential problems. This protocol will allow identification of inaccurate and unreliable BGMSs currently available on the US market. The DTS Surveillance Program will provide BGMS manufacturers a benchmark to understand the postmarket analytical performance of their products. Furthermore, patients, health care professionals, payers, and regulatory agencies will be able to use the results of the study to make informed decisions to, respectively, select, prescribe, finance, and regulate BGMSs on the market. © 2015 Diabetes Technology Society.

  13. Development of the Diabetes Technology Society Blood Glucose Monitor System Surveillance Protocol

    Science.gov (United States)

    Klonoff, David C.; Lias, Courtney; Beck, Stayce; Parkes, Joan Lee; Kovatchev, Boris; Vigersky, Robert A.; Arreaza-Rubin, Guillermo; Burk, Robert D.; Kowalski, Aaron; Little, Randie; Nichols, James; Petersen, Matt; Rawlings, Kelly; Sacks, David B.; Sampson, Eric; Scott, Steve; Seley, Jane Jeffrie; Slingerland, Robbert; Vesper, Hubert W.

    2015-01-01

    Background: Inaccurate blood glucose monitoring systems (BGMSs) can lead to adverse health effects. The Diabetes Technology Society (DTS) Surveillance Program for cleared BGMSs is intended to protect people with diabetes from inaccurate, unreliable BGMS products that are currently on the market in the United States. The Surveillance Program will provide an independent assessment of the analytical performance of cleared BGMSs. Methods: The DTS BGMS Surveillance Program Steering Committee included experts in glucose monitoring, surveillance testing, and regulatory science. Over one year, the committee engaged in meetings and teleconferences aiming to describe how to conduct BGMS surveillance studies in a scientifically sound manner that is in compliance with good clinical practice and all relevant regulations. Results: A clinical surveillance protocol was created that contains performance targets and analytical accuracy-testing studies with marketed BGMS products conducted by qualified clinical and laboratory sites. This protocol entitled “Protocol for the Diabetes Technology Society Blood Glucose Monitor System Surveillance Program” is attached as supplementary material. Conclusion: This program is needed because currently once a BGMS product has been cleared for use by the FDA, no systematic postmarket Surveillance Program exists that can monitor analytical performance and detect potential problems. This protocol will allow identification of inaccurate and unreliable BGMSs currently available on the US market. The DTS Surveillance Program will provide BGMS manufacturers a benchmark to understand the postmarket analytical performance of their products. Furthermore, patients, health care professionals, payers, and regulatory agencies will be able to use the results of the study to make informed decisions to, respectively, select, prescribe, finance, and regulate BGMSs on the market. PMID:26481642

  14. Attacks on the AJPS Mersenne-based cryptosystem

    NARCIS (Netherlands)

    K. de Boer (Koen); L. Ducas (Léo); S. Jeffery (Stacey); R. M. de Wolf (Ronald)

    2018-01-01

    Aggarwal, Joux, Prakash and Santha recently introduced a new potentially quantum-safe public-key cryptosystem, and suggested that a brute-force attack is essentially optimal against it. They consider but then dismiss both Meet-in-the-Middle attacks and LLL-based attacks. Very soon after

  15. The political attack ad

    Directory of Open Access Journals (Sweden)

    Palma Peña-Jiménez, Ph.D.

    2011-01-01

    During election campaigns the political spot has a clear objective: to win votes. This message is communicated to the electorate through television and Internet, and usually presents a negative approach, which includes a direct critical message against the opponent, rather than an exposition of proposals. This article is focused on the analysis of the campaign attack video ad purposely created to encourage the disapproval of the political opponent among voters. These ads focus on discrediting the opponent, many times, through the transmission of ad hominem messages, instead of disseminating the potential of the political party and the virtues and manifesto of its candidate. The article reviews the development of the attack ad since its first appearance, which in Spain dates back to 1996, when the famous Doberman ad was broadcast, and examines the most memorable campaign attack ads.

  16. Robust Detection of Stepping-Stone Attacks

    National Research Council Canada - National Science Library

    He, Ting; Tong, Lang

    2006-01-01

    The detection of encrypted stepping-stone attack is considered. Besides encryption and padding, the attacker is capable of inserting chaff packets and perturbing packet timing and transmission order...

  17. 77 FR 13656 - Call for Papers: National Symposium on Moving Target Research

    Science.gov (United States)

    2012-03-07

    ... a dynamic attack surface to an adversary, increasing the work factor necessary to successfully attack and exploit a cyber target. Throughout the federal government, research related to MT has been... improvement in the defense of cyber systems (a game changer),'' including how to develop better measures of...

  18. A Framework for Attack-Resilient Industrial Control Systems : Attack Detection and Controller Reconfiguration

    OpenAIRE

    Paridari, Kaveh; O'Mahony, Niamh; Mady, Alie El-Din; Chabukswar, Rohan; Boubekeur, Menouer; Sandberg, Henrik

    2017-01-01

    Most existing industrial control systems (ICSs), such as building energy management systems (EMSs), were installed when potential security threats were only physical. With advances in connectivity, ICSs are now, typically, connected to communications networks and, as a result, can be accessed remotely. This extends the attack surface to include the potential for sophisticated cyber attacks, which can adversely impact ICS operation, resulting in service interruption, equipment damage, safety c...

  19. MACHINE LEARNING IMPLEMENTATION FOR THE CLASSIFICATION OF ATTACKS ON WEB SYSTEMS. PART 1

    Directory of Open Access Journals (Sweden)

    K. Smirnova

    2017-08-01

    The possibility of applying machine learning is considered for the classification of malicious requests to a Web application. This approach excludes the use of deterministic analysis systems (for example, expert systems) and is based on the application of a cascade of neural networks or perceptrons as an approximate model of the real human brain. The main idea of the work is to make it possible to describe complex attack vectors consisting of feature sets and abstract terms for compiling a training sample, to control the quality of recognition and to classify each of the layers (networks) participating in the work, with the ability to adjust not the entire network but only the small part of it in whose training a mistake or inaccuracy crept in. The design of the developed network can be described as a cascaded, scalable neural network. The developed intrusion detection system uses a three-layer neural network. Layers can be built independently of each other by cascades. In the first layer, for each class of attack recognition, there is a corresponding network, and correctness is checked on this network. To train this layer, we have chosen classes of things that can be classified uniquely as yes or no, that is, they are linearly separable. Thus, a layer is obtained not just of neurons but of their microsets, which can best determine whether some data class is present in the query or not. The following layers are not trained to recognize the attacks themselves; they are trained that a set of attacks creates certain threats. This allows you to more accurately recognize the attacker's attempts to bypass the defense system, as well as classify the target of the attack, and not just its fact. Simple layering allows you to minimize the percentage of false positives.

  20. Multi-site cholera surveillance within the African Cholera Surveillance Network shows endemicity in Mozambique, 2011-2015.

    Science.gov (United States)

    Semá Baltazar, Cynthia; Langa, José Paulo; Dengo Baloi, Liliana; Wood, Richard; Ouedraogo, Issaka; Njanpop-Lafourcade, Berthe-Marie; Inguane, Dorteia; Elias Chitio, Jucunu; Mhlanga, Themba; Gujral, Lorna; D Gessner, Bradford; Munier, Aline; A Mengel, Martin

    2017-10-01

    Mozambique suffers recurrent annual cholera outbreaks, especially during the rainy season between October and March. The African Cholera Surveillance Network (Africhol) was implemented in Mozambique in 2011 to generate accurate detailed surveillance data to support appropriate interventions for cholera control and prevention in the country. Africhol was implemented in enhanced surveillance zones located in the provinces of Sofala (Beira), Zambézia (District Mocuba), and Cabo Delgado (Pemba City). Data were also analyzed from the three outbreak areas that experienced the greatest number of cases during the time period under observation (in the districts of Cuamba, Montepuez, and Nampula). Rectal swabs were collected from suspected cases for identification of Vibrio cholerae, as well as clinical, behavioral, and socio-demographic variables. We analyzed factors associated with confirmed, hospitalized, and fatal cholera using multivariate logistic regression models. A total of 1,863 suspected cases and 23 deaths (case fatality ratio (CFR), 1.2%) were reported from October 2011 to December 2015. Among these suspected cases, 52.2% were tested, of which 23.5% were positive for Vibrio cholerae O1 Ogawa. Risk factors independently associated with the occurrence of confirmed cholera were living in Nampula city district, the year 2014, human immunodeficiency virus infection, and the primary water source for drinking. Cholera was endemic in Mozambique during the study period with a high CFR and identifiable risk factors. The study reinforces the importance of continued cholera surveillance, including a strong laboratory component. The results enhanced our understanding of the need to target priority areas and at-risk populations for interventions including oral cholera vaccine (OCV) use, and assess the impact of prevention and control strategies. Our data were instrumental in informing integrated prevention and control efforts during major cholera outbreaks in recent years.

  1. An Adaptive Approach for Defending against DDoS Attacks

    Directory of Open Access Journals (Sweden)

    Muhai Li

    2010-01-01

    Among the various network attacks, the Distributed Denial-of-Service (DDoS) attack is a severe threat. In order to deal with this kind of attack in time, it is necessary to establish a special type of defense system that changes strategy dynamically against attacks. In this paper, we introduce an adaptive approach, based on normal traffic analysis, for defending against DDoS attacks. The approach can check for DDoS attacks and adaptively adjust its configuration according to the network condition and attack severity. In order to ensure that common users can visit the victim server that is being attacked, we provide a nonlinear traffic control formula for the system. Our simulation test indicates that the nonlinear control approach can prevent the malicious attack packets effectively while letting legitimate traffic flows arrive at the victim.

  2. Countermeasures for unintentional and intentional video watermarking attacks

    Science.gov (United States)

    Deguillaume, Frederic; Csurka, Gabriela; Pun, Thierry

    2000-05-01

    In recent years, the rapidly growing digital multimedia market has revealed an urgent need for effective copyright protection mechanisms. Therefore, digital audio, image and video watermarking has recently become a very active area of research, as a solution to this problem. Many important issues have been pointed out, one of them being the robustness to non-intentional and intentional attacks. This paper studies some attacks and proposes countermeasures applied to videos. General attacks are lossy copying/transcoding such as MPEG compression and digital/analog (D/A) conversion, changes of frame-rate, changes of display format, and geometrical distortions. More specific attacks are sequence edition, and statistical attacks such as averaging or collusion. The averaging attack consists of locally averaging consecutive frames to cancel the watermark. This attack works well for schemes which embed random independent marks into frames. In the collusion attack the watermark is estimated from single frames (based on image denoising), and averaged over different scenes for better accuracy. The estimated watermark is then subtracted from each frame. Collusion requires that the same mark is embedded into all frames. The proposed countermeasures first ensure robustness to general attacks by spread spectrum encoding in the frequency domain and by the use of an additional template. Secondly, a Bayesian criterion, evaluating the probability of a correctly decoded watermark, is used for rejection of outliers, and to implement an algorithm against statistical attacks. The idea is to embed randomly chosen marks among a finite set of marks, into subsequences of videos which are long enough to resist averaging attacks, but short enough to avoid collusion attacks. The Bayesian criterion is needed to select the correct mark at the decoding step. Finally, the paper presents experimental results showing the robustness of the proposed method.

  3. Link-layer Jamming Attacks on S-MAC

    NARCIS (Netherlands)

    Law, Y.W.; Hartel, Pieter H.; den Hartog, Jeremy; Havinga, Paul J.M.

    2004-01-01

    We argue that among denial-of-service (DoS) attacks, link-layer jamming is a more attractive option to attackers than radio jamming is. By exploiting the semantics of the link-layer protocol (aka MAC protocol), an attacker can achieve better efficiency than blindly jamming the radio signals alone.

  4. Link-layer jamming attacks on S-MAC

    NARCIS (Netherlands)

    Law, Y.W.; Hartel, Pieter H.; den Hartog, Jeremy; Havinga, Paul J.M.

    We argue that among denial-of-service (DoS) attacks, link-layer jamming is a more attractive option to attackers than radio jamming is. By exploiting the semantics of the link-layer protocol (aka MAC protocol), an attacker can achieve better efficiency than blindly jamming the radio signals alone.

  5. Threat Assessment of Potential Terrorist Attacks to the Transport Infrastructure

    Directory of Open Access Journals (Sweden)

    Gabriel Nowacki

    2014-06-01

    The paper presents threat assessment of potential terrorist attacks to the transport infrastructure. The range of transportation infrastructure has spread and includes railway, inland waterways, road, maritime, air, intermodal transport infrastructure and intelligent transport systems (ITS). ITS service is the provision of an ITS application through a well-defined organisational and operational framework with the aim of contributing to the user safety, efficiency, comfort and/or to facilitate or support transport and travel operations. Terrorism means acts of violence committed by groups that view themselves as victimized by some notable historical wrong. Although these groups have no formal connection with governments, they usually have the financial and moral backing of sympathetic governments. Typically, they stage unexpected attacks on civilian targets, including transport infrastructure, with the aim of sowing fear and confusion. Based on the analyses, transportation infrastructure is potentially threatened with terrorism attacks, especially road and rail infrastructure (about 23 %), and to a smaller degree the maritime and air transport infrastructure (about 2 %). In the USA, 90,3% of incidents over the 41-year period 1967-2007 involved land transport (74,5% – vehicles, 9,5% – buses, 6,3% – rail). Legal steps to fight terrorism have been taken on the international level; furthermore, some institutions have been established for this purpose.

  6. Unified communications forensics anatomy of common UC attacks

    CERN Document Server

    Grant, Nicholas Mr

    2013-01-01

    Unified Communications Forensics: Anatomy of Common UC Attacks is the first book to explain the issues and vulnerabilities and demonstrate the attacks, forensic artifacts, and countermeasures required to establish a secure (UC) environment. This book is written by leading UC experts Nicholas Grant and Joseph W. Shaw II and provides material never before found on the market, including: analysis of forensic artifacts in common UC attacks; an in-depth look at established UC technologies and attack exploits; and hands-on understanding of UC attack vectors and associated countermeasures.

  7. Attacks and countermeasures on AES and ECC

    DEFF Research Database (Denmark)

    Tange, Henrik; Andersen, Birger

    2013-01-01

    AES (Advanced Encryption Standard) is widely used in LTE and Wi-Fi communication systems. AES has recently been exposed to new attacks which have questioned the overall security of AES. The newest attack is a so-called biclique attack, which uses the fact that the content of the state array...

  8. Surveillance Culture

    DEFF Research Database (Denmark)

    2017-01-01

    What does it mean to live in a world full of surveillance? In this documentary film, we take a look at everyday life in Denmark and how surveillance technologies and practices influence our norms and social behaviour. Researched and directed by Btihaj Ajana and Anders Albrechtslund....

  9. Modelling Social-Technical Attacks with Timed Automata

    DEFF Research Database (Denmark)

    David, Nicolas; David, Alexandre; Hansen, Rene Rydhof

    2015-01-01

    . In this paper we develop an approach towards modelling socio-technical systems in general and socio-technical attacks in particular, using timed automata and illustrate its application by a complex case study. Thanks to automated model checking and automata theory, we can automatically generate possible attacks...... in our model and perform analysis and simulation of both model and attack, revealing details about the specific interaction between attacker and victim. Using timed automata also allows for intuitive modelling of systems, in which quantities like time and cost can be easily added and analysed....

  10. Quantitative Verification and Synthesis of Attack-Defence Scenarios

    DEFF Research Database (Denmark)

    Aslanyan, Zaruhi; Nielson, Flemming; Parker, David

    2016-01-01

    analysis of quantitative properties of complex attack-defence scenarios, using an extension of attack-defence trees which models temporal ordering of actions and allows explicit dependencies in the strategies adopted by attackers and defenders. We adopt a game-theoretic approach, translating attack...... which guarantee or optimise some quantitative property, such as the probability of a successful attack, the expected cost incurred, or some multi-objective trade-off between the two. We implement our approach, building upon the PRISM-games model checker, and apply it to a case study of an RFID goods...

  11. Situational awareness of a coordinated cyber attack

    Science.gov (United States)

    Sudit, Moises; Stotz, Adam; Holender, Michael

    2005-03-01

    As technology continues to advance, services and capabilities become computerized, and an ever increasing amount of business is conducted electronically, the threat of cyber attacks gets compounded by the complexity of such attacks and the criticality of the information which must be secured. A new age of virtual warfare has dawned in which seconds can differentiate between the protection of vital information and/or services and a malicious attacker attaining their goal. In this paper we present a novel approach in the real-time detection of multistage coordinated cyber attacks and the promising initial testing results we have obtained. We introduce INFERD (INformation Fusion Engine for Real-time Decision-making), an adaptable information fusion engine which performs fusion at levels zero, one, and two to provide real-time situational assessment and its application to the cyber domain in the ECCARS (Event Correlation for Cyber Attack Recognition System) system. The advantages to our approach are fourfold: (1) The complexity of the attacks which we consider, (2) the level of abstraction in which the analyst interacts with the attack scenarios, (3) the speed at which the information fusion is presented and performed, and (4) our disregard for ad-hoc rules or a priori parameters.

  12. An Evaluation of Provincial Infectious Disease Surveillance Reports in Ontario.

    Science.gov (United States)

    Chan, Ellen; Barnes, Morgan E; Sharif, Omar

    Public Health Ontario (PHO) publishes various infectious disease surveillance reports, but none have yet been formally evaluated. PHO evaluated its monthly and annual infectious disease surveillance reports to assess public health stakeholders' current perception of the products and to develop recommendations for improving future products. An evaluation consisting of an online survey and a review of public Web sites of other jurisdictions with similar annual reports. For the online survey, stakeholder organizations targeted were the 36 local public health units and the health ministry in Ontario, Canada. Survey participants included epidemiologists, managers, directors, and other public health practitioners from participating organizations. Online survey respondents' awareness and access to the reports, their rated usefulness of reports and subsections, and suggestions for improving usefulness; timeliness of select annual reports from other jurisdictions based on the period from data described to report publication. Among 57 survey respondents, between 74% and 97% rated each report as useful; the most common use was for situational awareness. Respondents ranked timeliness as the most important attribute of surveillance reports, followed by data completeness. Among 6 annual reports reviewed, the median time to publication was 11.5 months compared with 23.2 months for PHO. Recommendations based on this evaluation have already been applied to the monthly report (eg, focusing on the most useful sections) and have become key considerations when developing future annual reports and other surveillance reporting tools (eg, need to provide more timely reports). Other public health organizations may also use this evaluation to inform aspects of their surveillance report development and evaluation. The evaluation results have provided PHO with direction on how to improve its provincial infectious disease surveillance reporting moving forward, and formed a basis for

  13. Anti-discrimination Analysis Using Privacy Attack Strategies

    KAUST Repository

    Ruggieri, Salvatore

    2014-09-15

    Social discrimination discovery from data is an important task to identify illegal and unethical discriminatory patterns towards protected-by-law groups, e.g., ethnic minorities. We deploy privacy attack strategies as tools for discrimination discovery under hard assumptions which have rarely been tackled in the literature: indirect discrimination discovery, privacy-aware discrimination discovery, and discrimination data recovery. The intuition comes from the intriguing parallel between the role of the anti-discrimination authority in the three scenarios above and the role of an attacker in private data publishing. We design strategies and algorithms inspired by or based on Fréchet bounds attacks, attribute inference attacks, and minimality attacks for the purpose of unveiling hidden discriminatory practices. Experimental results show that they can be effective tools in the hands of anti-discrimination authorities.

  14. Dead or Alive? Factors Affecting the Survival of Victims during Attacks by Saltwater Crocodiles (Crocodylus porosus) in Australia.

    Science.gov (United States)

    Fukuda, Yusuke; Manolis, Charlie; Saalfeld, Keith; Zuur, Alain

    2015-01-01

    Conflicts between humans and crocodilians are a widespread conservation challenge and the number of crocodile attacks is increasing worldwide. We identified the factors that most effectively decide whether a victim is injured or killed in a crocodile attack by fitting generalized linear models to a 42-year dataset of 87 attacks (27 fatal and 60 non-fatal) by saltwater crocodiles (Crocodylus porosus) in Australia. The models showed that the most influential factors were the difference in body mass between crocodile and victim, and the position of victim in relation to the water at the time of an attack. In-water position (for diving, swimming, and wading) had a higher risk than on-water (boating) or on-land (fishing, and hunting near the water's edge) positions. In the in-water position a 75 kg person would have a relatively high probability of survival (0.81) if attacked by a 300 cm crocodile, but the probability becomes much lower (0.17) with a 400 cm crocodile. If attacked by a crocodile larger than 450 cm, the survival probability would be extremely low (drag a victim more easily into deeper water. A higher risk associated with a larger crocodile in relation to victim's size is highlighted by children's vulnerability to fatal attacks. Since the first recently recorded fatal attack involving a child in 2006, six out of nine fatal attacks (66.7%) involved children, and the average body size of crocodiles responsible for these fatal attacks was considerably smaller (384 cm, 223 kg) than that of crocodiles that killed adults (450 cm, 324 kg) during the same period (2006-2014). These results suggest that culling programs targeting larger crocodiles may not be an effective management option to improve safety for children.

  15. Cyberprints: Identifying Cyber Attackers by Feature Analysis

    Science.gov (United States)

    Blakely, Benjamin A.

    2012-01-01

    The problem of attributing cyber attacks is one of increasing importance. Without a solid method of demonstrating the origin of a cyber attack, any attempts to deter would-be cyber attackers are wasted. Existing methods of attribution make unfounded assumptions about the environment in which they will operate: omniscience (the ability to gather,…

  16. Simulation of Attacks for Security in Wireless Sensor Network.

    Science.gov (United States)

    Diaz, Alvaro; Sanchez, Pablo

    2016-11-18

    The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node's software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work.

  17. Simulation of Attacks for Security in Wireless Sensor Network

    Science.gov (United States)

    Diaz, Alvaro; Sanchez, Pablo

    2016-01-01

    The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node’s software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work. PMID:27869710

  18. Using agility to combat cyber attacks.

    Science.gov (United States)

    Anderson, Kerry

    2017-06-01

    Some incident response practitioners feel that they have been locked in a battle with cyber criminals since the popular adoption of the internet. Initially, organisations made great inroads in preventing and containing cyber attacks. In the last few years, however, cyber criminals have become adept at eluding defence security technologies and rapidly modifying their exploit strategies for financial or political gains. Similar to changes in military combat tactics, cyber criminals utilise distributed attack cells, real-time communications, and rapidly mutating exploits to minimise the potential for detection. Cyber criminals have changed their attack paradigm. This paper describes a new incident response paradigm aimed at combating the new model of cyber attacks with an emphasis on agility to increase the organisation's ability to respond rapidly to these new challenges.

  19. A generic rabies risk assessment tool to support surveillance.

    Science.gov (United States)

    Ward, Michael P; Hernández-Jover, Marta

    2015-06-01

    The continued spread of rabies in Indonesia poses a risk to human and animal populations in the remaining free islands, as well as the neighbouring rabies-free countries of Timor Leste, Papua New Guinea and Australia. Here we describe the development of a generic risk assessment tool which can be used to rapidly determine the vulnerability of rabies-free islands, so that scarce resources can be targeted to surveillance activities and the sensitivity of surveillance systems increased. The tool was developed by integrating information on the historical spread of rabies, anthropological studies, and the opinions of local animal health experts. The resulting tool is based on eight critical parameters that can be estimated from the literature, expert opinion, observational studies and information generated from routine surveillance. In the case study presented, results generated by this tool were most sensitive to the probability that dogs are present on private and fishing boats and it was predicted that rabies-infection (one infected case) might occur in a rabies-free island (upper 95% prediction interval) with a volume of 1000 boat movements. With 25,000 boat movements, the median of the probability distribution would be equal to one infected case, with an upper 95% prediction interval of six infected cases. This tool could also be used at the national-level to guide control and eradication plans. An initial recommendation from this study is to develop a surveillance programme to determine the likelihood that boats transport dogs, for example by port surveillance or regularly conducted surveys of fishermen and passenger ferries. However, the illegal nature of dog transportation from rabies-infected to rabies-free islands is a challenge for developing such surveillance. Copyright © 2014 Elsevier B.V. All rights reserved.

  20. Women's Heart Disease: Heart Attack Symptoms

    Science.gov (United States)

    ... most common heart attack symptom in men and women is chest pain or discomfort. However, women also ...

  1. A novel proposed network security management approach for cyber attacks

    International Nuclear Information System (INIS)

    Ahmed, Z.; Nazir, B.; Zafar, M.F.; Anwar, M.M.; Azam, K.; Asar, A.U.

    2007-01-01

    Network security is a discipline that focuses on securing networks from unauthorized access. Given the escalating threats of malicious cyber attacks, modern enterprises employ multiple lines of defense. A comprehensive defense strategy against such attacks should include (1) an attack detection component that determines the fact that a program is compromised, (2) an attack identification and prevention component that identifies attack packets so that one can block such packets in the future and prevents the attack from further propagation. Over the last decade, a significant amount of research has been invested in systems that can detect cyber attacks either statically at compile time or dynamically at run time. However, not much effort is spent on automated attack packet identification or attack prevention. In this paper we present a unified solution to the problems mentioned above. We implemented this solution after the forward engineering of the Open Source Security Information Management (OSSIM) system, called the Preventive Information Security Management (PrISM) system, that correlates input from different sensors so that the resulting product can automatically detect any cyber attack against it and prevent it by identifying the actual attack packet(s). The PrISM was always able to detect the attacks, identify the attack packets and most often prevent them by blocking the attacker's IP address, to continue normal execution. There is no additional run-time performance overhead for attack prevention. (author)

  2. Dynamic intervention: pathogen disarmament of mitochondrial-based immune surveillance.

    Science.gov (United States)

    Holland, Robin L; Blanke, Steven R

    2014-11-12

    In this issue of Cell Host & Microbe, Suzuki et al. (2014) describe a Vibrio cholerae Type-III-secreted effector that targets mitochondrial dynamics to dampen host innate immune signaling. This suggests that mammalian hosts possess surveillance mechanisms to monitor pathogen-mediated alterations in the integrity of normal cellular processes and organelles. Copyright © 2014 Elsevier Inc. All rights reserved.

  3. Adaptive optimisation-offline cyber attack on remote state estimator

    Science.gov (United States)

    Huang, Xin; Dong, Jiuxiang

    2017-10-01

    Security issues of cyber-physical systems have received increasing attention in recent years. In this paper, deception attacks on the remote state estimator equipped with the chi-squared failure detector are considered, and it is assumed that the attacker can monitor and modify all the sensor data. A novel adaptive optimisation-offline cyber attack strategy is proposed, where, using the current and previous sensor data, the attack can yield the largest estimation error covariance while ensuring that it is undetected by the chi-squared monitor. From the attacker's perspective, the attack is better than the existing linear deception attacks at degrading the system performance. Finally, some numerical examples are provided to demonstrate theoretical results.

  4. Cyber-physical attacks a growing invisible threat

    CERN Document Server

    Loukas, George

    2015-01-01

    Cyber-Physical Attacks: A Growing Invisible Threat presents the growing list of harmful uses of computers and their ability to disable cameras, turn off a building's lights, make a car veer off the road, or a drone land in enemy hands. In essence, it details the ways cyber-physical attacks are replacing physical attacks in crime, warfare, and terrorism. The book explores how attacks using computers affect the physical world in ways that were previously only possible through physical means. Perpetrators can now cause damage without the same risk, and without the political, social, or moral

  5. Review of meningitis surveillance data, upper West Region, Ghana 2009-2013.

    Science.gov (United States)

    Nuoh, Robert Domo; Nyarko, Kofi Mensah; Nortey, Priscilla; Sackey, Samuel Oko; Lwanga, Noora Charles; Ameme, Donne Kofi; Nuolabong, Culbert; Abdulai, Marijanatu; Wurapa, Fredrick; Afari, Edwin

    2016-01-01

    The Upper West region of Ghana is within the meningitis belt. Analysis of long term surveillance data is necessary for understanding changes in the disease occurrence. We analyzed five years of surveillance data to describe by person, place and time and to determine trends in meningitis. Meningitis surveillance data from Ghana Health Service in the Upper West Region, from 2009 to 2013 were reviewed. Data was obtained from District-Health Information Management System and line list from the Disease Control Unit. Population figures (denominators) and rainfall data were also analyzed. Within the period 980 cases of meningitis were reported in the region, 507 (52%) females and 473 (48%) males. The mean age of cases was 20.1 years and standard deviation 18.8 years, with 77.6% (761/980) of cases occurring in persons aged under 30 years. Children under five years were 19.3% (190/980). Attack rates ranged from 6.1/100,000 population in the Daffiama-bussei-Issa-district to 47.5/100,000 in Jirapa. Overall case fatality rate of meningitis was 12.2% with 14 deaths/100,000 population. Bacterial agents were isolated from 35% (245/702) of CSF. Majority were Streptococcus pneumoniae 48.2% (122/258), and N. meningitidis Y/W 135 40.3% (102/258). Meningitis was found to be seasonal with peaks in the dry season. Meningitis in the region is seasonal, and showed a decreasing trend. Jirapa, Lawra, Nadowli and Wa West districts had the highest burden. Control effort of the disease should focus on vaccination against Streptococcus pneumoniae and N. meningitidis W135 especially within crowded settlements such as boarding schools.

  6. Use of Attack Graphs in Security Systems

    Directory of Open Access Journals (Sweden)

    Vivek Shandilya

    2014-01-01

    Attack graphs have been used to model the vulnerabilities of systems and their potential exploits. The successful exploits leading to the partial/total failure of the systems are a subject of keen security interest. Considerable effort has been expended in exhaustive modeling, analyses, detection, and mitigation of attacks. One prominent methodology involves constructing attack graphs of the pertinent system for analysis and response strategies. This not only gives a simplified representation of the system, but also allows prioritizing the security properties whose violations are of greater concern, for both detection and repair. We present a survey and critical study of state-of-the-art technologies in attack graph generation and use in security systems. Based on our research, we identify the potential, challenges, and direction of the current research in using attack graphs.

  7. Research on Cooperative Combat for Integrated Reconnaissance-Attack-BDA of Group LAVs

    Directory of Open Access Journals (Sweden)

    Li Bing

    2014-01-01

    LAVs (loitering air vehicles) are advanced weapon systems that can loiter autonomously over a target area, detect and acquire the targets, and then attack them. In this paper, by the theory of Itô stochastic differential, a group system was analyzed. The uniqueness and continuity of the solution of the system was discussed. Afterwards the model of the system based on the state transition was established with the finite state machine automatically. At last, a search algorithm was proposed for obtaining good feasible solutions for problems. And simulation results show that model and method are effective for dealing with cooperative combat of group LAVs.

  8. Telephone-based social engineering attacks: An experiment testing the success and time decay of an intervention

    NARCIS (Netherlands)

    Bullee, Jan-Willem; Montoya, L.; Junger, Marianne; Hartel, Pieter H.; Mathur, A.; Roychoudhury, A.

    The objective of this study is to get insight into the effectiveness of an information campaign to counter a social engineering attack via the telephone. Four different offenders phoned 48 employees and made them believe that their PC was distributing spam emails. Targets were told that this

  9. A fatal elephant attack.

    Science.gov (United States)

    Hejna, Petr; Zátopková, Lenka; Safr, Miroslav

    2012-01-01

    A rare case of an elephant attack is presented. A 44-year-old man working as an elephant keeper was attacked by a cow elephant when he tripped over a foot chain while the animal was being medically treated. The man fell down and was consequently repeatedly attacked with elephant tusks. The man sustained multiple stab injuries to both groin regions, a penetrating injury to the abdominal wall with traumatic prolapse of the loops of the small bowel, multiple defects of the mesentery, and incomplete laceration of the abdominal aorta with massive bleeding into the abdominal cavity. In addition to the penetrating injuries, the man sustained multiple rib fractures with contusion of both lungs and laceration of the right lobe of the liver, and comminuted fractures of the pelvic arch and left femoral body. The man died shortly after he had been received at the hospital. The cause of death was attributed to traumatic shock. © 2011 American Academy of Forensic Sciences.

  10. A Novel Surveillance System Applied in Civil Airport

    Directory of Open Access Journals (Sweden)

    Sun Hua Bo

    2016-01-01

    Conventional security monitoring of civil airport usually uses a fixed camera to acquire images. There are several problems with performance including difficulties introduced in the information transmission, storage, and analysis of the process. Insect compound eyes offer unique advantages for moving target capture and these have attracted the attention of many researchers in recent years. This paper contributes to this research by proposing a new surveillance system applied in civil airport. We discuss the finished bionic structure of the system, the development of the bionic control circuit, and introduce the proposed mathematical model of bionic compound eyes for data acquisition and image mosaic. Image matching for large view is also illustrated with different conditions. This mode and algorithm effectively achieve safety surveillance of airport with large field of view and high real-time processing.

  11. Cyber Attacks, Information Attacks, and Postmodern Warfare

    Directory of Open Access Journals (Sweden)

    Valuch Jozef

    2017-06-01

    The aim of this paper is to evaluate and differentiate between the phenomena of cyberwarfare and information warfare, as manifestations of what we perceive as postmodern warfare. We describe and analyse the current examples of the use of postmodern warfare and the reactions of states and international bodies to these phenomena. The subject matter of this paper is the relationship between new types of postmodern conflicts and the law of armed conflicts (law of war). Based on ICJ case law, it is clear that under current legal rules of international law of war, cyber attacks as well as information attacks (often performed in the cyberspace as well) can only be perceived as “war” if executed in addition to classical kinetic warfare, which is often not the case. In most cases perceived “only” as a non-linear warfare (postmodern conflict), this practice nevertheless must be condemned as conduct contrary to the principles of international law and (possibly) a crime under national laws, unless this type of conduct will be recognized by the international community as a “war” proper, in its new, postmodern sense.

  12. Multi-site cholera surveillance within the African Cholera Surveillance Network shows endemicity in Mozambique, 2011–2015

    Science.gov (United States)

    Langa, José Paulo; Dengo Baloi, Liliana; Wood, Richard; Ouedraogo, Issaka; Njanpop-Lafourcade, Berthe-Marie; Inguane, Dorteia; Elias Chitio, Jucunu; Mhlanga, Themba; Gujral, Lorna; D. Gessner, Bradford; Munier, Aline; A. Mengel, Martin

    2017-01-01

    Background: Mozambique suffers recurrent annual cholera outbreaks especially during the rainy season between October to March. The African Cholera Surveillance Network (Africhol) was implemented in Mozambique in 2011 to generate accurate detailed surveillance data to support appropriate interventions for cholera control and prevention in the country. Methodology/Principal findings: Africhol was implemented in enhanced surveillance zones located in the provinces of Sofala (Beira), Zambézia (District Mocuba), and Cabo Delgado (Pemba City). Data were also analyzed from the three outbreak areas that experienced the greatest number of cases during the time period under observation (in the districts of Cuamba, Montepuez, and Nampula). Rectal swabs were collected from suspected cases for identification of Vibrio cholerae, as well as clinical, behavioral, and socio-demographic variables. We analyzed factors associated with confirmed, hospitalized, and fatal cholera using multivariate logistic regression models. A total of 1,863 suspected cases and 23 deaths (case fatality ratio (CFR), 1.2%) were reported from October 2011 to December 2015. Among these suspected cases, 52.2% were tested of which 23.5% were positive for Vibrio cholerae O1 Ogawa. Risk factors independently associated with the occurrence of confirmed cholera were living in Nampula city district, the year 2014, human immunodeficiency virus infection, and the primary water source for drinking. Conclusions/Significance: Cholera was endemic in Mozambique during the study period with a high CFR and identifiable risk factors. The study reinforces the importance of continued cholera surveillance, including a strong laboratory component. The results enhanced our understanding of the need to target priority areas and at-risk populations for interventions including oral cholera vaccine (OCV) use, and assess the impact of prevention and control strategies. Our data were instrumental in informing integrated prevention and

  13. Machine Learning Methods for Attack Detection in the Smart Grid.

    Science.gov (United States)

    Ozay, Mete; Esnaola, Inaki; Yarman Vural, Fatos Tunay; Kulkarni, Sanjeev R; Poor, H Vincent

    2016-08-01

    Attack detection problems in the smart grid are posed as statistical learning problems for different attack scenarios in which the measurements are observed in batch or online settings. In this approach, machine learning algorithms are used to classify measurements as being either secure or attacked. An attack detection framework is provided to exploit any available prior knowledge about the system and surmount constraints arising from the sparse structure of the problem in the proposed approach. Well-known batch and online learning algorithms (supervised and semisupervised) are employed with decision- and feature-level fusion to model the attack detection problem. The relationships between statistical and geometric properties of attack vectors employed in the attack scenarios and learning algorithms are analyzed to detect unobservable attacks using statistical learning methods. The proposed algorithms are examined on various IEEE test systems. Experimental analyses show that machine learning algorithms can detect attacks with performances higher than attack detection algorithms that employ state vector estimation methods in the proposed attack detection framework.

  14. Transient Ischemic Attack

    Medline Plus

    ... stroke symptoms. © 2018, American Heart Association, Inc. All rights reserved. Unauthorized use prohibited. ...

  15. The Typhoid Fever Surveillance in Africa Program (TSAP): Clinical, Diagnostic, and Epidemiological Methodologies.

    Science.gov (United States)

    von Kalckreuth, Vera; Konings, Frank; Aaby, Peter; Adu-Sarkodie, Yaw; Ali, Mohammad; Aseffa, Abraham; Baker, Stephen; Breiman, Robert F; Bjerregaard-Andersen, Morten; Clemens, John D; Crump, John A; Cruz Espinoza, Ligia Maria; Deerin, Jessica Fung; Gasmelseed, Nagla; Sow, Amy Gassama; Im, Justin; Keddy, Karen H; Cosmas, Leonard; May, Jürgen; Meyer, Christian G; Mintz, Eric D; Montgomery, Joel M; Olack, Beatrice; Pak, Gi Deok; Panzner, Ursula; Park, Se Eun; Rakotozandrindrainy, Raphaël; Schütt-Gerowitt, Heidi; Soura, Abdramane Bassiahi; Warren, Michelle R; Wierzba, Thomas F; Marks, Florian

    2016-03-15

    New immunization programs are dependent on data from surveillance networks and disease burden estimates to prioritize target areas and risk groups. Data regarding invasive Salmonella disease in sub-Saharan Africa are currently limited, thus hindering the implementation of preventive measures. The Typhoid Fever Surveillance in Africa Program (TSAP) was established by the International Vaccine Institute to obtain comparable incidence data on typhoid fever and invasive nontyphoidal Salmonella (iNTS) disease in sub-Saharan Africa through standardized surveillance in multiple countries. Standardized procedures were developed and deployed across sites for study site selection, patient enrolment, laboratory procedures, quality control and quality assurance, assessment of healthcare utilization and incidence calculations. Passive surveillance for bloodstream infections among febrile patients was initiated at thirteen sentinel sites in ten countries (Burkina Faso, Ethiopia, Ghana, Guinea-Bissau, Kenya, Madagascar, Senegal, South Africa, Sudan, and Tanzania). Each TSAP site conducted case detection using these standardized methods to isolate and identify aerobic bacteria from the bloodstream of febrile patients. Healthcare utilization surveys were conducted to adjust population denominators in incidence calculations for differing healthcare utilization patterns and improve comparability of incidence rates across sites. By providing standardized data on the incidence of typhoid fever and iNTS disease in sub-Saharan Africa, TSAP will provide vital input for targeted typhoid fever prevention programs. © The Author 2016. Published by Oxford University Press for the Infectious Diseases Society of America. All rights reserved. For permissions, e-mail journals.permissions@oup.com.

  16. Application distribution model and related security attacks in VANET

    Science.gov (United States)

    Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

    2013-03-01

    In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker's model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

  17. Nonepileptic attack disorder among married women.

    Science.gov (United States)

    Dhanaraj, M; Rangaraj, R; Arulmozhi, T; Vengatesan, A

    2005-06-01

    To study the clinical features, precipitating stressful life events and prognosis of nonepileptic attack disorder (NEAD) among married women. Prospective cohort study with 1-year follow-up. A tertiary care teaching hospital. Of the 1020 patients with epilepsy referred to the epilepsy clinic during 2002-2003, 30 were married women with NEAD. The diagnostic criteria for NEAD included normal EEG during ictal and post-ictal phase of the generalized 'attack.' The data collected included clinical characteristics, semiology of the attacks, precipitating stressful events, and co-morbid psychiatric disorders. The control group included 30 age-matched married women with generalized tonic-clonic seizures. The long-term outcome and factors influencing the outcomes were analyzed. The mean duration of illness was 18 months, and the pattern of the attack was 'fall and lying still' in 53% and 'fall with generalized motor movements' in 47%. The frequency was one or more per week in 57% and occasionally in 43%. The important stressful events were matrimonial discord following illegal relationship of the husband with another woman (chi2 = 9.02, P = 0.003) and constant quarrel with other family members (chi2 = 5.19, P = 0.02). The prevalence of sexual abuse was low (7%). Co-morbid psychiatric disorder was observed in 70%. At the end of 1 year, 39% were free from the attack. Resolution of the stressful life events (chi2 = 4.52, P = 0.03) and lower frequency of attack at the time of reporting (chi2 = 3.88, P = 0.05) correlated with good outcomes. Among patients with NEAD in India, the major precipitating factors were matrimonial discord following illegal relationship of the husband with another woman and constant quarrel with other family members and not sexual abuse. Women with low frequency of attack at the time of reporting and the remission of the stressful events had better outcomes.

  18. Fusion-based multi-target tracking and localization for intelligent surveillance systems

    Science.gov (United States)

    Rababaah, Haroun; Shirkhodaie, Amir

    2008-04-01

    In this paper, we have presented two approaches addressing visual target tracking and localization in complex urban environment. The two techniques presented in this paper are: fusion-based multi-target visual tracking, and multi-target localization via camera calibration. For multi-target tracking, the data fusion concepts of hypothesis generation/evaluation/selection, target-to-target registration, and association are employed. An association matrix is implemented using RGB histograms for associated tracking of multi-targets of interests. Motion segmentation of targets of interest (TOI) from the background was achieved by a Gaussian Mixture Model. Foreground segmentation, on other hand, was achieved by the Connected Components Analysis (CCA) technique. The tracking of individual targets was estimated by fusing two sources of information, the centroid with the spatial gating, and the RGB histogram association matrix. The localization problem is addressed through an effective camera calibration technique using edge modeling for grid mapping (EMGM). A two-stage image pixel to world coordinates mapping technique is introduced that performs coarse and fine location estimation of moving TOIs. In coarse estimation, an approximate neighborhood of the target position is estimated based on nearest 4-neighbor method, and in fine estimation, we use Euclidean interpolation to localize the position within the estimated four neighbors. Both techniques were tested and shown reliable results for tracking and localization of Targets of interests in complex urban environment.

  19. Cost analysis of an integrated vaccine-preventable disease surveillance system in Costa Rica.

    Science.gov (United States)

    Toscano, C M; Vijayaraghavan, M; Salazar-Bolaños, H M; Bolaños-Acuña, H M; Ruiz-González, A I; Barrantes-Solis, T; Fernández-Vargas, I; Panero, M S; de Oliveira, L H; Hyde, T B

    2013-07-02

    Following World Health Organization recommendations set forth in the Global Framework for Immunization Monitoring and Surveillance, Costa Rica in 2009 became the first country to implement integrated vaccine-preventable disease (iVPD) surveillance, with support from the U.S. Centers for Disease Control and Prevention (CDC) and the Pan American Health Organization (PAHO). As surveillance for diseases prevented by new vaccines is integrated into existing surveillance systems, these systems could cost more than routine surveillance for VPDs targeted by the Expanded Program on Immunization. We estimate the costs associated with establishing and subsequently operating the iVPD surveillance system at a pilot site in Costa Rica. We retrospectively collected data on costs incurred by the institutions supporting iVPD surveillance during the preparatory (January 2007 through August 2009) and implementation (September 2009 through August 2010) phases of the iVPD surveillance project in Costa Rica. These data were used to estimate costs for personnel, meetings, infrastructure, office equipment and supplies, transportation, and laboratory facilities. Costs incurred by each of the collaborating institutions were also estimated. During the preparatory phase, the estimated total cost was 128,000 U.S. dollars (US$), including 64% for personnel costs. The preparatory phase was supported by CDC and PAHO. The estimated cost for 1 year of implementation was US$ 420,000, including 58% for personnel costs, 28% for laboratory costs, and 14% for meeting, infrastructure, office, and transportation costs combined. The national reference laboratory and the PAHO Costa Rica office incurred 64% of total costs, and other local institutions supporting iVPD surveillance incurred the remaining 36%. Countries planning to implement iVPD surveillance will require adequate investments in human resources, laboratories, data management, reporting, and investigation. Our findings will be valuable for

  20. A mortality index for postmarketing surveillance of new medications.

    Science.gov (United States)

    Rose, J C; Unis, A S

    2000-03-01

    The rate of introduction of new pharmaceuticals is growing as a result of advances in molecular pharmacology and targeted drug development. The Fatal Toxicity Index (FTI) has been proposed as a means for monitoring drug toxicity through post-marketing surveillance. The FTI requires data regarding the general availability of a particular agent in the community which, in the US, is proprietary. The authors propose a Mortality Index as an alternative method for calculating relative lethality that does not rely on proprietary information for postmarketing surveillance. Using data from the Toxic Exposure Surveillance System (TESS) a Mortality Index was calculated from the proportion of deaths occurring among all patients who present to a health care facility with an overdose on the same agent or class of agents. The average Mortality Index for various drugs or drug classes for the years 1989 to 1997 is reported. Because the Mortality Index for desipramine appeared much greater than that for the other tricyclics, a chi-squared analysis was performed. The authors conclude, based on this analysis, that desipramine is significantly more likely to lead to death after overdosage than any other tricyclic antidepressant in the study. Also, the Mortality Index appeared to identify the impact of pediatric formulations on overdose lethality. We conclude that the Mortality Index may be a useful tool for determining the safety of agents during the postmarketing surveillance phase.

  1. An Algorithm of Traffic Perception of DDoS Attacks against SOA Based on Time United Conditional Entropy

    Directory of Open Access Journals (Sweden)

    Yuntao Zhao

    2016-01-01

    DDoS attacks can prevent legitimate users from accessing the service by consuming resource of the target nodes, whose availability of network and service is exposed to a significant threat. Therefore, DDoS traffic perception is the premise and foundation of the whole system security. In this paper the method of DDoS traffic perception for SOA network based on time united conditional entropy was proposed. According to many-to-one relationship mapping between the source IP address and destination IP addresses of DDoS attacks, traffic characteristics of services are analyzed based on conditional entropy. The algorithm is provided with perception ability of DDoS attacks on SOA services by introducing time dimension. Simulation results show that the novel method can realize DDoS traffic perception with analyzing abrupt variation of conditional entropy in time dimension.

  2. Optimizing power system investments and resilience against attacks

    International Nuclear Information System (INIS)

    Fang, Yiping; Sansavini, Giovanni

    2017-01-01

    This paper studies the combination of capacity expansion and switch installation in electric systems that ensures optimum performance under nominal operations and attacks. The planner–attacker–defender model is adopted to develop decisions that minimize investment and operating costs, and functionality loss after attacks. The model bridges long-term system planning for transmission expansion and short-term switching operations in reaction to attacks. The mixed-integer optimization is solved by decomposition via two-layer cutting plane algorithm. Numerical results on an IEEE system show that small investments in transmission line switching enhance resilience by responding to disruptions via system reconfiguration. Sensitivity analyses show that transmission planning under the assumption of small-scale attacks provides the most robust strategy, i.e. the minimum-regret planning, if many constraints and limited investment budget affect the planning. On the other hand, the assumption of large-scale attacks provides the most robust strategy if the planning process involves large flexibility and budget.

    Highlights:
    • Investment optimization in power systems under attacks is presented.
    • Capacity expansion and switch installation for system reconfiguration are combined.
    • The problem is solved by decomposition via two-layer cutting plane algorithm.
    • Small investments in switch installation enhance resilience by response to attacks.
    • Sensitivity analyses identify robust planning against different attack scenarios.

  3. Attacker Modelling in Ubiquitous Computing Systems

    DEFF Research Database (Denmark)

    Papini, Davide

    in with our everyday life. This future is visible to everyone nowadays: terms like smartphone, cloud, sensor, network etc. are widely known and used in our everyday life. But what about the security of such systems. Ubiquitous computing devices can be limited in terms of energy, computing power and memory...... attacker remain somehow undefined and still under extensive investigation. This Thesis explores the nature of the ubiquitous attacker with a focus on how she interacts with the physical world and it defines a model that captures the abilities of the attacker. Furthermore a quantitative implementation...

  4. Peacetime Use of Computer Network Attack

    National Research Council Canada - National Science Library

    Busby, Daniel

    2000-01-01

    .... PDD-63 alerts the nation to prepare for impending cyber attacks. This paper examines the nature, scale, and likelihood of cyber attacks posited in PDD-63 and finds that the country does not face an imminent "electronic Pearl Harbor...

  5. Denial of Service Attack Techniques: Analysis, Implementation and Comparison

    Directory of Open Access Journals (Sweden)

    Khaled Elleithy

    2005-02-01

    A denial of service attack (DOS) is any type of attack on a networking structure to disable a server from servicing its clients. Attacks range from sending millions of requests to a server in an attempt to slow it down, flooding a server with large packets of invalid data, to sending requests with an invalid or spoofed IP address. In this paper we show the implementation and analysis of three main types of attack: Ping of Death, TCP SYN Flood, and Distributed DOS. The Ping of Death attack will be simulated against a Microsoft Windows 95 computer. The TCP SYN Flood attack will be simulated against a Microsoft Windows 2000 IIS FTP Server. Distributed DOS will be demonstrated by simulating a distribution zombie program that will carry the Ping of Death attack. This paper will demonstrate the potential damage from DOS attacks and analyze the ramifications of the damage.

  6. Dead or Alive? Factors Affecting the Survival of Victims during Attacks by Saltwater Crocodiles (Crocodylus porosus) in Australia.

    Directory of Open Access Journals (Sweden)

    Yusuke Fukuda

    Conflicts between humans and crocodilians are a widespread conservation challenge and the number of crocodile attacks is increasing worldwide. We identified the factors that most effectively decide whether a victim is injured or killed in a crocodile attack by fitting generalized linear models to a 42-year dataset of 87 attacks (27 fatal and 60 non-fatal) by saltwater crocodiles (Crocodylus porosus) in Australia. The models showed that the most influential factors were the difference in body mass between crocodile and victim, and the position of victim in relation to the water at the time of an attack. In-water position (for diving, swimming, and wading) had a higher risk than on-water (boating) or on-land (fishing, and hunting near the water's edge) positions. In the in-water position a 75 kg person would have a relatively high probability of survival (0.81) if attacked by a 300 cm crocodile, but the probability becomes much lower (0.17) with a 400 cm crocodile. If attacked by a crocodile larger than 450 cm, the survival probability would be extremely low (<0.05) regardless of the victim's size. These results indicate that the main cause of death during a crocodile attack is drowning and larger crocodiles can drag a victim more easily into deeper water. A higher risk associated with a larger crocodile in relation to victim's size is highlighted by children's vulnerability to fatal attacks. Since the first recently recorded fatal attack involving a child in 2006, six out of nine fatal attacks (66.7%) involved children, and the average body size of crocodiles responsible for these fatal attacks was considerably smaller (384 cm, 223 kg) than that of crocodiles that killed adults (450 cm, 324 kg) during the same period (2006-2014). These results suggest that culling programs targeting larger crocodiles may not be an effective management option to improve safety for children.

  7. Attacks on IEEE 802.11 wireless networks

    Directory of Open Access Journals (Sweden)

    Dejan Milan Tepšić

    2013-06-01

    Security of wireless computer networks was initially secured with the WEP security protocol, which relies on the RC4 encryption algorithm and the CRC algorithm to check the integrity. The basic problems of the WEP are a short initialization vector, unsafe data integrity checking, using a common key, the lack of mechanisms for management and exchange of keys, the lack of protection from the endless insertion of the same packet into the network, the lack of authentication of access points and the like. The consequences of these failures are easy attacks against the WEP network, namely their complete insecurity. Therefore, the work began on the IEEE 802.11i protocol, which should radically improve the security of wireless networks. Since the development of a protocol lasted, the WPA standard was released to offset the security gap caused by the WEP. The WPA also relies on RC4 and CRC algorithms, but brings temporary keys and the MIC algorithm for data integrity. The 802.1X authentication was introduced and common keys are no longer needed, since it is possible to use an authentication server. The length of the initialization vector was increased and the vector is obtained based on the packet serial number, in order to prevent the insertion of the same packet into the network. The weakness of the WPA security mechanism is the use of a common key. WPA2 (802.11i) later appeared. Unlike the WPA mechanism that worked on old devices with the replacement of software, WPA2 requires new network devices that can perform AES encryption. AES replaces the RC4 algorithm and delivers much greater security. Data integrity is protected by encryption. Despite progress, there are still weaknesses in wireless networks. Attacks for denial of service are possible as well as packet header spoofing attacks. For now, it is not advisable to use wireless networks in environments where unreliability and unavailability are not tolerated.
Introduction In the entire history of

  8. Factors for poor prognosis of near-fatal asthma after recovery from a life-threatening asthma attack.

    Science.gov (United States)

    Kim, Myung Shin; Cho, Young Joo; Moon, Hee Bom; Cho, Sang Heon

    2008-12-01

    The aim of this study was to investigate poor prognostic factors associated with a near-fatal asthma attack following patient recovery. We enrolled 68 patients who suffered near-fatal asthma attacks and were admitted to the intensive care units of five university hospitals. The patients were divided into two groups. The first group was comprised of patients who discontinued oral corticosteroids within 6 months after being discharged from the hospital and who maintained a forced expiratory volume in 1 s (FEV(1)) >/=60% of the maximum or estimated values of the corresponding patients. The second group included patients who continued on oral corticosteroids for >/=6 months or who maintained a FEV(1) asthma, factors for a poor prognosis included older age [48.47+/-3.53 vs. 64.69+/-2.59 years, pasthma, high values for inflammation-related laboratory markers (ESR, 8.75+/-2.05 vs. 23.88+/-4.40 mm/h, p=0.004; CRP, 1.72+/-0.46 vs. 6.68+/-9.36 mg/dL, pasthma exacerbated by pneumonia (28.1 vs. 52.8%, pasthma or the need for continual oral corticosteroids after being discharged from the hospital. Patients with these factors should be treated appropriately, under close surveillance.

  9. Temporal Cyber Attack Detection.

    Energy Technology Data Exchange (ETDEWEB)

    Ingram, Joey Burton [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Draelos, Timothy J. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Galiardi, Meghan [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Doak, Justin E. [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

    2017-11-01

    Rigorous characterization of the performance and generalization ability of cyber defense systems is extremely difficult, making it hard to gauge uncertainty, and thus, confidence. This difficulty largely stems from a lack of labeled attack data that fully explores the potential adversarial space. Currently, performance of cyber defense systems is typically evaluated in a qualitative manner by manually inspecting the results of the system on live data and adjusting as needed. Additionally, machine learning has shown promise in deriving models that automatically learn indicators of compromise that are more robust than analyst-derived detectors. However, to generate these models, most algorithms require large amounts of labeled data (i.e., examples of attacks). Algorithms that do not require annotated data to derive models are similarly at a disadvantage, because labeled data is still necessary when evaluating performance. In this work, we explore the use of temporal generative models to learn cyber attack graph representations and automatically generate data for experimentation and evaluation. Training and evaluating cyber systems and machine learning models requires significant, annotated data, which is typically collected and labeled by hand for one-off experiments. Automatically generating such data helps derive/evaluate detection models and ensures reproducibility of results. Experimentally, we demonstrate the efficacy of generative sequence analysis techniques on learning the structure of attack graphs, based on a realistic example. These derived models can then be used to generate more data. Additionally, we provide a roadmap for future research efforts in this area.

  10. Evaluation of the Effectiveness and Cost-Effectiveness of Personalized Surveillance After Colorectal Adenomatous Polypectomy.

    Science.gov (United States)

    McFerran, Ethna; O'Mahony, James F; Fallis, Richard; McVicar, Duncan; Zauber, Ann G; Kee, Frank

    2017-01-01

    Lifetime risk of developing colorectal cancer is 5%, and 5-year survival at early stage is 92%. Individuals with precancerous lesions removed at primary screening are typically recommended surveillance colonoscopy. Because greater benefits are anticipated for those with higher risk of colorectal cancer, scope for risk-specific surveillance recommendations exists. This review assesses published cost-effectiveness estimates of postpolypectomy surveillance to consider the potential for personalized recommendations by risk group. Meta-analyses of incidence of advanced neoplasia postpolypectomy for low-risk cases were comparable to those without adenoma, with both rates under the lifetime risk of 5%. This group may not benefit from intensive surveillance, which risks unnecessary harm and inefficient use of often scarce colonoscopy capacity. Therefore, greater personalization through deintensified strategies for low-risk individuals could be beneficial. The potential for noninvasive testing, such as fecal immunochemical tests, combined with primary prevention or chemoprevention may reserve colonoscopy for targeted use in personalized risk-stratified surveillance. This review appraised evidence supporting a program of personalized surveillance in patients with colorectal adenoma according to risk group and compared the effectiveness of surveillance colonoscopy with alternative prevention strategies. It assessed trade-offs among costs, benefits, and adverse effects that must be considered in a decision to adopt or reject personalized surveillance. © The Author 2017. Published by Oxford University Press on behalf of the Johns Hopkins Bloomberg School of Public Health. All rights reserved. For permissions, please e-mail: journals.permissions@oup.com.

  11. United States Seaport Security: Protection Against a Nuclear Device Attack Delivered in a Shipping Cargo Container

    Science.gov (United States)

    2014-06-13

    off a radioactive dirty bomb, and on 29 June Moldavian undercover security agents posing as a North African buyer arrested six men trying to sell...military targets in various countries, including the 11 September 2001 attacks, 1998 U.S. Embassy bombings, USS Cole bombings, and 2002 Bali bombings

  12. 12 CFR 263.17 - Collateral attacks on adjudicatory proceeding.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 3 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding... Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is brought in... shall be excused based on the pendency before any court of any interlocutory appeal or collateral attack. ...

  13. 12 CFR 509.17 - Collateral attacks on adjudicatory proceeding.

    Science.gov (United States)

    2010-01-01

    ... 12 Banks and Banking 5 2010-01-01 2010-01-01 false Collateral attacks on adjudicatory proceeding....17 Collateral attacks on adjudicatory proceeding. If an interlocutory appeal or collateral attack is... shall be excused based on the pendency before any court of any interlocutory appeal or collateral attack. ...

  14. Vulnerability Assessment by Learning Attack Specifications in Graphs

    NARCIS (Netherlands)

    Nunes Leal Franqueira, V.; Lopes, Raul H.C.

    This paper presents an evolutionary approach for learning attack specifications that describe attack scenarios. The objective is to find vulnerabilities in computer networks which minimise the cost of an attack with maximum impact. Although we focus on Insider Threat, the proposed approach applies

  15. Assessment of High and Low Rate Protocol-based Attacks on Ethernet Networks

    OpenAIRE

    Mina Malekzadeh; M.A. Beiruti; M.H. Shahrokh Abadi

    2015-01-01

    The Internet and Web have significantly transformed the world’s communication system. The capability of the Internet to instantly access information at anytime from anywhere has brought benefit for a wide variety of areas including business, government, education, institutions, medical, and entertainment services. However, the Internet has also opened up the possibilities for hackers to exploit flaws and limitations in the target networks to attack and break in without gaining physical access...

  16. Cells responsible for tumor surveillance in man: effects of radiotherapy, chemotherapy, and biologic response modifiers

    International Nuclear Information System (INIS)

    Reizenstein, P.; Ogier, C.; Blomgren, H.; Petrini, B.; Wasserman, J.

    1985-01-01

    Currently, the most probable theory of tumor surveillance is neither the existence of any tumor-specific, antigen-dependent, T-cell-mediated cytotoxic effect that could eliminate spontaneous tumors in man and that could be used for some kind of vaccination against tumors, nor the complete absence of any surveillance or defense systems against tumors. What is probable is the cooperation of a number of antigen-independent, relatively weakly cytotoxic or possibly only cytostatic humoral and cellular effects, including nutritional immunity, tumor necrosis factor, certain cytokines, and the cytotoxic effects mediated by macrophages, NK cells, NK-like cells, and certain stimulated T-cells. One question remaining to be solved is why these antigen-independent effects do not attack normal cells. A number of plausible hypotheses are discussed. The hypothetical surveillance system is modulated both by traditional cancer treatment and by attempts at immunomodulation. Radiotherapy reduced the T-helper cell function for almost a decade, but not those of macrophages or NK cells. T-cell changes have no prognostic implication, supporting, perhaps, the suggestion of a major role for macrophages and NK cells. Cyclic adjuvant chemotherapy reduces the peripheral lymphocyte population and several lymphocyte functions but not NK activity. Most of the parameters were normalized some years following treatment, but NK activity remained elevated and Th/Ts cell ratio was still decreased. This might possibly be taken to support the surveillance role of NK cells. Bestatin increases the frequency of lymphocytes forming rosettes with sheep red blood cells (but not their mitogenic responses), enhances NK activity, and augments the phagocytic capacity of granulocytes and monocytes (but not their cytotoxic activity). 154 references

  17. Attack Tree Generation by Policy Invalidation

    NARCIS (Netherlands)

    Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, René Rydhof; Kammüller, Florian; Naeem Akram, R.; Jajodia, S.

    2015-01-01

    Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identification. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified

  18. Limits on surveillance: frictions, fragilities and failures in the operation of camera surveillance.

    NARCIS (Netherlands)

    Dubbeld, L.

    2004-01-01

    Public video surveillance tends to be discussed in either utopian or dystopian terms: proponents maintain that camera surveillance is the perfect tool in the fight against crime, while critics argue that the use of security cameras is central to the development of a panoptic, Orwellian surveillance

  19. Colonoscopy surveillance for dysplasia and colorectal cancer in patients with inflammatory bowel disease

    DEFF Research Database (Denmark)

    Aalykke, Claus; Jensen, Michael Dam; Fallingborg, Jan

    2015-01-01

    The risk of colorectal cancer (CRC) and dysplasia in patients with inflammatory bowel disease (IBD) has been highly debated as risk estimates from different studies vary greatly. The present national Danish guideline on colonoscopy surveillance for dysplasia and colorectal cancer in patients......, in some subgroups of patients the risk is increased. These subgroups of patients, who should be offered colonoscopy surveillance, include patients with ulcerative colitis having extensive disease and a long disease duration (10-13 years); early age at onset (less than 19 years of age) of ulcerative...... colitis; and patients with ulcerative colitis as well as Crohn´s disease with a concomitant diagnosis of primary sclerosing cholangitis. A colonoscopy surveillance program is recommended in these subgroups with intervals ranging from every 3-6 months to every 5 years, using chromoendoscopy with targeted...

  20. TDMA X-band FMCW MIMO radar for short range surveillance applications

    NARCIS (Netherlands)

    Belfiori, F.; Maas, A.P.M.; Hoogeboom, P.; Rossum, W.L. van

    2011-01-01

    The work presented in this paper was aimed at the design of a compact radar device to be used for private area surveillance applications. The radar is connected to a pan tilt zoom camera and it provides the camera system with high accuracy position information (bearing and range) of moving targets;

  1. Neural network classifier of attacks in IP telephony

    Science.gov (United States)

    Safarik, Jakub; Voznak, Miroslav; Mehic, Miralem; Partila, Pavol; Mikulec, Martin

    2014-05-01

    Various types of monitoring mechanisms allow us to detect and monitor the behavior of attackers in VoIP networks. Analysis of detected malicious traffic is crucial for further investigation and hardening the network. This analysis is typically based on statistical methods, and the article brings a solution based on a neural network. The proposed algorithm is used as a classifier of attacks in a distributed monitoring network of independent honeypot probes. Information about attacks on these honeypots is collected on a centralized server and then classified. This classification is based on different mechanisms. One of them is based on the multilayer perceptron neural network. The article describes the inner structure of the neural network used and also gives information about the implementation of this network. The learning set for this neural network is based on real attack data collected from an IP telephony honeypot called Dionaea. We prepare the learning set from real attack data after collecting, cleaning and aggregation of this information. After proper learning, the neural network is capable of classifying 6 types of the most commonly used VoIP attacks. Using a neural network classifier brings more accurate attack classification in a distributed system of honeypots. With this approach it is possible to detect malicious behavior in different parts of networks, which are logically or geographically divided, and use the information from one network to harden security in other networks. The centralized server for the distributed set of nodes serves not only as a collector and classifier of attack data, but also as a mechanism for generating precautionary steps against attacks.

  2. Endophagy of biting midges attacking cavity-nesting birds.

    Science.gov (United States)

    Votýpka, J; Synek, P; Svobodová, M

    2009-09-01

    Feeding behaviour, host preferences and the spectrum of available hosts determine the role of vectors in pathogen transmission. Feeding preferences of blood-feeding Diptera depend on, among other factors, the willingness of flies to attack their hosts either in the open (exophagy) or in enclosed places (endophagy). As far as ornithophilic blood-feeding Diptera are concerned, the biting midges (Diptera: Ceratopogonidae) and blackflies (Diptera: Simuliidae) are generally considered to be strictly exophagous. We determined which blood-sucking Diptera enter nest cavities and feed on birds by placing sticky foil traps inside artificial nest boxes. A total of 667 females of eight species of biting midges of the genus Culicoides (Latreille, 1809) were captured on traps during 2006-2007, with Culicoides truncorum (Edwards, 1939) being the dominant species. DNA blood analyses of blood-engorged females proved that midges actually fed on birds nesting in the boxes. Three species were identified as endophagous: Culicoides truncorum, Culicoides pictipennis (Staeger, 1839), and Culicoides minutissimus (Zetterstedt, 1855). Our study represents the first evidence that ornithophilic biting midges are endophagous. The fact that we caught no blackflies in the bird boxes supports the exophagy of blackflies. We believe that our findings are important for surveillance programmes focusing on Diptera that transmit various bird pathogens.

  3. Target assignment for security officers to K targets (TASK)

    International Nuclear Information System (INIS)

    Rowland, J.R.; Shelton, K.W.; Stunkel, C.B.

    1983-02-01

    A probabilistic algorithm is developed to provide an optimal Target Assignment for Security officers to K targets (TASK) using a maximin criterion. Under the assumption of only a limited number (N) of security officers, the TASK computer model determines deployment assignments which maximize the system protection against sabotage by an adversary who may select any link in the system, including the weakest, for the point of attack. Applying the TASK model to a hypothetical nuclear facility containing a nine-level building reveals that aggregate targets covering multiple vital areas should be utilized to reduce the number of possible target assignments to a value equal to or only slightly larger than N. The increased probability that a given aggregate target is covered by one or more security officers offsets the slight decrease in interruption probability due to its occurring earlier in the adversary's path. In brief, the TASK model determines the optimal maximin deployment strategy for limited numbers of security officers and calculates a quantitative measure of the resulting system protection

  4. Implementation of a data fusion algorithm for RODS, a real-time outbreak and disease surveillance system.

    Energy Technology Data Exchange (ETDEWEB)

    Brown, Douglas (Sandia National Laboratories, Livermore, CA); Gray, Genetha Anne (Sandia National Laboratories, Livermore, CA)

    2005-10-01

    Due to the nature of many infectious agents, such as anthrax, symptoms may either take several days to manifest or resemble those of less serious illnesses leading to misdiagnosis. Thus, bioterrorism attacks that include the release of such agents are particularly dangerous and potentially deadly. For this reason, a system is needed for the quick and correct identification of disease outbreaks. The Real-time Outbreak Disease Surveillance System (RODS), initially developed by Carnegie Mellon University and the University of Pittsburgh, was created to meet this need. The RODS software implements different classifiers for pertinent health surveillance data in order to determine whether or not an outbreak has occurred. In an effort to improve the capability of RODS at detecting outbreaks, we incorporate a data fusion method. Data fusion is used to improve the results of a single classification by combining the output of multiple classifiers. This paper documents the first stages of the development of a data fusion system that can combine the output of the classifiers included in RODS.

  5. SCADA system vulnerabilities to cyber attack

    Energy Technology Data Exchange (ETDEWEB)

    Shaw, W. T. [Cyber Security Consulting (Canada)]

    2004-10-01

    The susceptibility to terrorist attacks of computer-based supervisory control (SCADA) systems that are used to monitor and control water distribution systems, oil and gas pipelines and the electrical grid, is discussed. The discussion includes ways in which SCADA systems may be attacked and remedial actions that may be taken to reduce or eliminate the possibility of such attacks. Attacks may take the form of causing the system to generate false data to divert attention from impending system disasters, or commandeer the system to seriously disable it, or cause damage to the process or equipment being controlled by sending improper control commands. SCADA systems are also vulnerable to internal threats, either from an accidental action that results in damage, or an intentional action, as for example by a disgruntled employee, or ex-employee, usually by way of reprogramming an RTU or PLC by accessing the polling/communications circuit. Recent SCADA systems are much more susceptible to concerted cyber attacks because of the adoption of IT technologies and standards into the design of such systems. (Older systems are more likely to be unique designs, hence less susceptible to attack). As far as protection of SCADA systems is concerned, there are no technologies that would prevent a technologically sophisticated terrorist or disgruntled employee from doing major damage to the system, however, the IT world has developed a range of technologies for the protection of IT assets, and many of these same technologies can also be used to safeguard modern SCADA systems.

  6. Handbook of surveillance technologies

    CERN Document Server

    Petersen, JK

    2012-01-01

    From officially sanctioned, high-tech operations to budget spy cameras and cell phone video, this updated and expanded edition of a bestselling handbook reflects the rapid and significant growth of the surveillance industry. The Handbook of Surveillance Technologies, Third Edition is the only comprehensive work to chronicle the background and current applications of the full-range of surveillance technologies--offering the latest in surveillance and privacy issues. Cutting-Edge--updates its bestselling predecessor with discussions on social media, GPS circuits in cell phones and PDAs, new GIS s

  7. Combating Memory Corruption Attacks On Scada Devices

    Science.gov (United States)

    Bellettini, Carlo; Rrushi, Julian

    Memory corruption attacks on SCADA devices can cause significant disruptions to control systems and the industrial processes they operate. However, despite the presence of numerous memory corruption vulnerabilities, few, if any, techniques have been proposed for addressing the vulnerabilities or for combating memory corruption attacks. This paper describes a technique for defending against memory corruption attacks by enforcing logical boundaries between potentially hostile data and safe data in protected processes. The technique encrypts all input data using random keys; the encrypted data is stored in main memory and is decrypted according to the principle of least privilege just before it is processed by the CPU. The defensive technique affects the precision with which attackers can corrupt control data and pure data, protecting against code injection and arc injection attacks, and alleviating problems posed by the incomparability of mitigation techniques. An experimental evaluation involving the popular Modbus protocol demonstrates the feasibility and efficiency of the defensive technique.

  8. Containment and surveillance devices

    International Nuclear Information System (INIS)

    Campbell, J.W.; Johnson, C.S.; Stieff, L.R.

    The growing acceptance of containment and surveillance as a means to increase safeguards effectiveness has provided impetus to the development of improved surveillance and containment devices. Five recently developed devices are described. The devices include one photographic and two television surveillance systems and two high security seals that can be verified while installed

  9. Low Tech Hacking Street Smarts for Security Professionals

    CERN Document Server

    Wiles, Jack; Jabbusch, Jennifer; Rogers, Russ; Lowther, Sean

    2011-01-01

    Criminals using hacking techniques can cost corporations, governments, and individuals millions of dollars each year. While the media focuses on the grand-scale attacks that have been planned for months and executed by teams and countries, there are thousands more that aren't broadcast. Low Tech Hacking focuses on the everyday hacks that, while simple in nature, actually add up to the most significant losses. Attackers are using common techniques like social engineering, wireless hacking, and targeting and surveillance to gain access to valuable data. This book contains detailed descriptions

  10. Trace Attack against Biometric Mobile Applications

    Directory of Open Access Journals (Sweden)

    Sanaa Ghouzali

    2016-01-01

    With the exponential increase in the dependence on mobile devices in everyday life, there is a growing concern related to privacy and security issues in the Gulf countries; therefore, it is imperative that security threats should be analyzed in detail. Mobile devices store enormous amounts of personal and financial information, unfortunately without any security. In order to secure mobile devices against different threats, biometrics has been applied and shown to be effective. However, biometric mobile applications are also vulnerable to several types of attacks that can decrease their security. Biometric information itself is considered sensitive data; for example, fingerprints can leave traces in touched objects and facial images can be captured everywhere or accessed by the attacker if the facial image is stored in the mobile device (lost or stolen). Hence, an attacker can easily forge the identity of a legitimate user and access data on a device. In this paper, the effects of a trace attack on the sensitivity of biometric mobile applications are investigated in terms of security and user privacy. Experimental results carried out on facial and fingerprint mobile authentication applications using different databases have shown that these mobile applications are vulnerable to the proposed attack, which poses a serious threat to the overall system security and user privacy.

  11. Limit Asthma Attacks Caused by Colds or Flu

    Science.gov (United States)

    Asthma: Limit asthma attacks caused by colds or flu A cold or the flu can trigger an asthma attack. Here's why — and how to keep your sneeze ... plan. If you notice warning signs of an asthma attack — such as coughing, wheezing, chest tightness or shortness ...

  12. Quantitative Attack Tree Analysis via Priced Timed Automata

    NARCIS (Netherlands)

    Kumar, Rajesh; Ruijters, Enno Jozef Johannes; Stoelinga, Mariëlle Ida Antoinette; Sankaranarayanan, Sriram; Vicario, Enrico

    The success of a security attack crucially depends on the resources available to an attacker: time, budget, skill level, and risk appetite. Insight in these dependencies and the most vulnerable system parts is key to providing effective counter measures. This paper considers attack trees, one of the

  13. Finite Energy and Bounded Actuator Attacks on Cyber-Physical Systems

    Energy Technology Data Exchange (ETDEWEB)

    Djouadi, Seddik M [ORNL; Melin, Alexander M [ORNL; Ferragut, Erik M [ORNL; Laska, Jason A [ORNL; Dong, Jin [ORNL; Drira, Anis [ORNL

    2015-01-01

    As control system networks are being connected to enterprise level networks for remote monitoring, operation, and system-wide performance optimization, these same connections are providing vulnerabilities that can be exploited by malicious actors for attack, financial gain, and theft of intellectual property. Much effort in cyber-physical system (CPS) protection has focused on protecting the borders of the system through traditional information security techniques. Less effort has been applied to the protection of cyber-physical systems from intelligent attacks launched after an attacker has defeated the information security protections to gain access to the control system. In this paper, attacks on actuator signals are analyzed from a system theoretic context. The threat surface is classified into finite energy and bounded attacks. These two broad classes encompass a large range of potential attacks. The effect of these attacks on a linear quadratic (LQ) control is analyzed, and the optimal actuator attacks for both finite and infinite horizon LQ control are derived; therefore, the worst case attack signals are obtained. The closed-loop system under the optimal attack signals is given and a numerical example illustrating the effect of an optimal bounded attack is provided.

  14. An integrated national mortality surveillance system for death registration and mortality surveillance, China.

    Science.gov (United States)

    Liu, Shiwei; Wu, Xiaoling; Lopez, Alan D; Wang, Lijun; Cai, Yue; Page, Andrew; Yin, Peng; Liu, Yunning; Li, Yichong; Liu, Jiangmei; You, Jinling; Zhou, Maigeng

    2016-01-01

    In China, sample-based mortality surveillance systems, such as the Chinese Center for Disease Control and Prevention's disease surveillance points system and the Ministry of Health's vital registration system, have been used for decades to provide nationally representative data on health status for health-care decision-making and performance evaluation. However, neither system provided representative mortality and cause-of-death data at the provincial level to inform regional health service needs and policy priorities. Moreover, the systems overlapped to a considerable extent, thereby entailing a duplication of effort. In 2013, the Chinese Government combined these two systems into an integrated national mortality surveillance system to provide a provincially representative picture of total and cause-specific mortality and to accelerate the development of a comprehensive vital registration and mortality surveillance system for the whole country. This new system increased the surveillance population from 6 to 24% of the Chinese population. The number of surveillance points, each of which covered a district or county, increased from 161 to 605. To ensure representativeness at the provincial level, the 605 surveillance points were selected to cover China's 31 provinces using an iterative method involving multistage stratification that took into account the sociodemographic characteristics of the population. This paper describes the development and operation of the new national mortality surveillance system, which is expected to yield representative provincial estimates of mortality in China for the first time.

  15. Detecting, reporting, and analysis of priority diseases for routine public health surveillance in Liberia.

    Science.gov (United States)

    Frimpong, Joseph Asamoah; Park, Meeyoung Mattie; Amo-Addae, Maame Pokuah; Adewuyi, Peter Adebayo; Nagbe, Thomas Knue

    2017-01-01

    An essential component of a public health surveillance system is its ability to detect priority diseases which fall within the mandate of public health officials at all levels. Early detection, reporting and response to public health events help to reduce the burden of mortality and morbidity on communities. Analysis of reliable surveillance data provides relevant information which can enable implementation of timely and appropriate public health interventions. To ensure that a resilient system is in place, the World Health Organization (WHO) has provided guidelines for detection, reporting and response to public health events in the Integrated Disease Surveillance and Response (IDSR) strategy. This case study provides training on detection, reporting and analysis of priority diseases for routine public health surveillance in Liberia and highlights potential errors and challenges which can hinder effective surveillance. Table-top exercises and group discussion lead participants through a simulated verification and analyses of summary case reports in the role of the District Surveillance Officer. This case study is intended for public health training in a classroom setting and can be accomplished within 2 hours 30 minutes. The target audience include residents in Frontline Epidemiology Training Programs (FETP-Frontline), Field Epidemiology and Laboratory Training Programs (FELTPs), and others who are interested in this topic.

  16. Modeling attacker-defender interactions in information networks.

    Energy Technology Data Exchange (ETDEWEB)

    Collins, Michael Joseph

    2010-09-01

    The simplest conceptual model of cybersecurity implicitly views attackers and defenders as acting in isolation from one another: an attacker seeks to penetrate or disrupt a system that has been protected to a given level, while a defender attempts to thwart particular attacks. Such a model also views all non-malicious parties as having the same goal of preventing all attacks. But in fact, attackers and defenders are interacting parts of the same system, and different defenders have their own individual interests: defenders may be willing to accept some risk of successful attack if the cost of defense is too high. We have used game theory to develop models of how non-cooperative but non-malicious players in a network interact when there is a substantial cost associated with effective defensive measures. Although game theory has been applied in this area before, we have introduced some novel aspects of player behavior in our work, including: (1) A model of how players attempt to avoid the costs of defense and force others to assume these costs; (2) A model of how players interact when the cost of defending one node can be shared by other nodes; and (3) A model of the incentives for a defender to choose less expensive, but less effective, defensive actions.

  17. Digital dashboard design using multiple data streams for disease surveillance with influenza surveillance as an example.

    Science.gov (United States)

    Cheng, Calvin K Y; Ip, Dennis K M; Cowling, Benjamin J; Ho, Lai Ming; Leung, Gabriel M; Lau, Eric H Y

    2011-10-14

    Great strides have been made exploring and exploiting new and different sources of disease surveillance data and developing robust statistical methods for analyzing the collected data. However, there has been less research in the area of dissemination. Proper dissemination of surveillance data can facilitate the end user's taking of appropriate actions, thus maximizing the utility of effort taken from upstream of the surveillance-to-action loop. The aims of the study were to develop a generic framework for a digital dashboard incorporating features of efficient dashboard design and to demonstrate this framework by specific application to influenza surveillance in Hong Kong. Based on the merits of the national websites and principles of efficient dashboard design, we designed an automated influenza surveillance digital dashboard as a demonstration of efficient dissemination of surveillance data. We developed the system to synthesize and display multiple sources of influenza surveillance data streams in the dashboard. Different algorithms can be implemented in the dashboard for incorporating all surveillance data streams to describe the overall influenza activity. We designed and implemented an influenza surveillance dashboard that utilized self-explanatory figures to display multiple surveillance data streams in panels. Indicators for individual data streams as well as for overall influenza activity were summarized in the main page, which can be read at a glance. Data retrieval function was also incorporated to allow data sharing in standard format. The influenza surveillance dashboard serves as a template to illustrate the efficient synthesization and dissemination of multiple-source surveillance data, which may also be applied to other diseases. Surveillance data from multiple sources can be disseminated efficiently using a dashboard design that facilitates the translation of surveillance information to public health actions.

  18. Activity Modelling and Comparative Evaluation of WSN MAC Security Attacks

    DEFF Research Database (Denmark)

    Pawar, Pranav M.; Nielsen, Rasmus Hjorth; Prasad, Neeli R.

    2012-01-01

    and initiate security attacks that disturb the normal functioning of the network in a severe manner. Such attacks affect the performance of the network by increasing the energy consumption, by reducing throughput and by inducing long delays. Of all existing WSN attacks, MAC layer attacks are considered...... the most harmful as they directly affect the available resources and thus the nodes’ energy consumption. The first endeavour of this paper is to model the activities of MAC layer security attacks to understand the flow of activities taking place when mounting the attack and when actually executing it....... The second aim of the paper is to simulate these attacks on hybrid MAC mechanisms, which shows the performance degradation of a WSN under the considered attacks. The modelling and implementation of the security attacks give an actual view of the network which can be useful in further investigating secure...

  19. Algebraic Side-Channel Attack on Twofish

    Directory of Open Access Journals (Sweden)

    Chujiao Ma

    2017-05-01

    While algebraic side-channel attack (ASCA) has been successful in breaking simple cryptographic algorithms, it has never been done on larger or more complex algorithms such as Twofish. Compared to other algorithms that ASCA has been used on, Twofish is more difficult to attack due to the key-dependent S-boxes as well as the complex key scheduling. In this paper, we propose the first algebraic side-channel attack on Twofish, and examine the importance of side-channel information in getting past the key-dependent S-boxes and the complex key scheduling. The cryptographic algorithm and side-channel information are both expressed as boolean equations and a SAT solver is used to recover the key. While algebraic attack by itself is not sufficient to break the algorithm, with the help of side-channel information such as Hamming weights, we are able to correctly solve for 96 bits of the 128-bit key in under 2 hours with known plaintext/ciphertext.

  20. On localization attacks against cloud infrastructure

    Science.gov (United States)

    Ge, Linqiang; Yu, Wei; Sistani, Mohammad Ali

    2013-05-01

    One of the key characteristics of cloud computing is the device and location independence that enables the user to access systems regardless of their location. Because cloud computing is heavily based on sharing resources, it is vulnerable to cyber attacks. In this paper, we investigate a localization attack that enables the adversary to leverage central processing unit (CPU) resources to localize the physical location of the server used by victims. By increasing and reducing CPU usage through the malicious virtual machine (VM), the response time from the victim VM will increase and decrease correspondingly. In this way, by embedding the probing signal into the CPU usage and correlating the same pattern in the response time from the victim VM, the adversary can find the location of the victim VM. To determine attack accuracy, we investigate features in both the time and frequency domains. We conduct both theoretical and experimental studies to demonstrate the effectiveness of such an attack.

  1. Network attacks and defenses a hands-on approach

    CERN Document Server

    Trabelsi, Zouheir; Al Braiki, Arwa; Mathew, Sujith Samuel

    2012-01-01

    The attacks on computers and business networks are growing daily, and the need for security professionals who understand how malfeasants perform attacks and compromise networks is a growing requirement to counter the threat. Network security education generally lacks appropriate textbooks with detailed, hands-on exercises that include both offensive and defensive techniques. Using step-by-step processes to build and generate attacks using offensive techniques, Network Attacks and Defenses: A Hands-on Approach enables students to implement appropriate network security solutions within a laborat

  2. Influenza surveillance

    Directory of Open Access Journals (Sweden)

    Karolina Bednarska

    2016-04-01

    Influenza surveillance was established in 1947. From this moment, WHO (World Health Organization) has been coordinating international cooperation, with a goal of monitoring influenza virus activity, effective diagnostic of the circulating viruses and informing society about epidemics or pandemics, as well as about emergence of new subtypes of influenza virus type A. Influenza surveillance is an important task, because it enables people to prepare themselves for battle with the virus that is constantly mutating, which leads to circulation of new and often more virulent strains of influenza in human population. As vaccination is the most effective method of fighting the virus, one of the major tasks of GISRS is developing an optimal antigenic composition of the vaccine for the current epidemic season. European Influenza Surveillance Network (EISN) has also developed over the years. EISN is running integrated epidemiological and virological influenza surveillance, to provide appropriate data to public health experts in member countries, to enable them to undertake relevant activities based on the current information about influenza activity. In close cooperation with GISRS and EISN are National Influenza Centres - national institutions designated by the Ministry of Health in each country.

  3. SDN-Based Double Hopping Communication against Sniffer Attack

    Directory of Open Access Journals (Sweden)

    Zheng Zhao

    2016-01-01

    Sniffer attack has been a severe threat to network communication security. Traditional networks usually use static network configuration, which provides convenience to sniffer attack. In this paper, an SDN-based double hopping communication (DHC) approach is proposed to solve this problem. In DHC, ends in communication packets as well as the routing paths are changed dynamically. Therefore, the traffic will be distributed to multiple flows and transmitted along different paths. Moreover, the data from multiple users will be mixed, bringing difficulty for attackers in obtaining and recovering the communication data, so that sniffer attack will be prevented effectively. It is concluded that DHC is able to increase the overhead of sniffer attack, as well as the difficulty of communication data recovery.

  4. Attacks on Bluetooth Security Architecture and Its Countermeasures

    Science.gov (United States)

    Iqbal, Mian Muhammad Waseem; Kausar, Firdous; Wahla, Muhammad Arif

    WPANs complement the traditional IEEE 802.11 wireless networks by facilitating the clients with flexibility in network topologies, higher mobility and relaxed configuration/hardware requirements. Bluetooth, a WPAN technology, is an open standard for short-range radio frequency (RF) communication. However, it is also susceptible to typical security threats found in wireless LANs. This paper discusses some of the attack scenarios against the Bluetooth network such as hostile intrusion, active Man-in-the-Middle (MITM) attack using unit key and various forms of denial of service (DoS) attacks. These threats and attacks compromise the confidentiality and availability of Bluetooth data and services. This paper proposes an improved security architecture for Bluetooth devices which provides protection against the above mentioned attacks.

  5. Distributed Denial of Service Attack Source Detection Using Efficient Traceback Technique (ETT) in Cloud-Assisted Healthcare Environment.

    Science.gov (United States)

    Latif, Rabia; Abbas, Haider; Latif, Seemab; Masood, Ashraf

    2016-07-01

    Security and privacy are the first and foremost concerns that should be given special attention when dealing with Wireless Body Area Networks (WBANs). As WBAN sensors operate in an unattended environment and carry critical patient health information, Distributed Denial of Service (DDoS) attack is one of the major attacks in WBAN environment that not only exhausts the available resources but also influences the reliability of information being transmitted. This research work is an extension of our previous work in which a machine learning based attack detection algorithm is proposed to detect DDoS attack in WBAN environment. However, in order to avoid complexity, no consideration was given to the traceback mechanism. During traceback, the challenge lies in reconstructing the attack path leading to identify the attack source. Among existing traceback techniques, Probabilistic Packet Marking (PPM) approach is the most commonly used technique in conventional IP-based networks. However, since marking probability assignment has significant effect on both the convergence time and performance of a scheme, it is not directly applicable in WBAN environment due to high convergence time and overhead on intermediate nodes. Therefore, in this paper we have proposed a new scheme called Efficient Traceback Technique (ETT) based on Dynamic Probability Packet Marking (DPPM) approach and uses MAC header in place of IP header. Instead of using fixed marking probability, the proposed scheme uses variable marking probability based on the number of hops travelled by a packet to reach the target node. Finally, path reconstruction algorithms are proposed to traceback an attacker. Evaluation and simulation results indicate that the proposed solution outperforms fixed PPM in terms of convergence time and computational overhead on nodes.

  6. Time series modeling for syndromic surveillance

    Directory of Open Access Journals (Sweden)

    Mandl Kenneth D

    2003-01-01

    Background: Emergency department (ED) based syndromic surveillance systems identify abnormally high visit rates that may be an early signal of a bioterrorist attack. For example, an anthrax outbreak might first be detectable as an unusual increase in the number of patients reporting to the ED with respiratory symptoms. Reliably identifying these abnormal visit patterns requires a good understanding of the normal patterns of healthcare usage. Unfortunately, systematic methods for determining the expected number of (ED) visits on a particular day have not yet been well established. We present here a generalized methodology for developing models of expected ED visit rates. Methods: Using time-series methods, we developed robust models of ED utilization for the purpose of defining expected visit rates. The models were based on nearly a decade of historical data at a major metropolitan academic, tertiary care pediatric emergency department. The historical data were fit using trimmed-mean seasonal models, and additional models were fit with autoregressive integrated moving average (ARIMA) residuals to account for recent trends in the data. The detection capabilities of the model were tested with simulated outbreaks. Results: Models were built both for overall visits and for respiratory-related visits, classified according to the chief complaint recorded at the beginning of each visit. The mean absolute percentage error of the ARIMA models was 9.37% for overall visits and 27.54% for respiratory visits. A simple detection system based on the ARIMA model of overall visits was able to detect 7-day-long simulated outbreaks of 30 visits per day with 100% sensitivity and 97% specificity. Sensitivity decreased with outbreak size, dropping to 94% for outbreaks of 20 visits per day, and 57% for 10 visits per day, all while maintaining a 97% benchmark specificity. Conclusions: Time series methods applied to historical ED utilization data are an important tool

  7. Intelligent multimedia surveillance current trends and research

    CERN Document Server

    Atrey, Pradeep K; Cavallaro, Andrea

    2013-01-01

    Intelligent multimedia surveillance concerns the analysis of multiple sensing inputs including video and audio streams, radio-frequency identification (RFID), and depth data. These data are processed for the automated detection and tracking of people, vehicles, and other objects. The goal is to locate moving targets, to understand their behavior, and to detect suspicious or abnormal activities for crime prevention. Despite its benefits, there is societal apprehension regarding the use of such technology, so an important challenge in this research area is to balance public safety and privacy.

  8. Similar pathogen targets in Arabidopsis thaliana and homo sapiens protein networks.

    Directory of Open Access Journals (Sweden)

    Paulo Shakarian

    We study the behavior of pathogens on host protein networks for humans and Arabidopsis - noting striking similarities. Specifically, we perform [Formula: see text]-shell decomposition analysis on these networks - which groups the proteins into various "shells" based on network structure. We observe that shells with a higher average degree are more highly targeted (with a power-law relationship) and that highly targeted nodes lie in shells closer to the inner-core of the network. Additionally, we also note that the inner core of the network is significantly under-targeted. We show that these core proteins may have a role in intra-cellular communication and hypothesize that they are less attacked to ensure survival of the host. This may explain why certain high-degree proteins are not significantly attacked.

  9. Data-plane Defenses against Routing Attacks on Tor

    Directory of Open Access Journals (Sweden)

    Tan Henry

    2016-10-01

    Tor is susceptible to traffic correlation attacks in which an adversary who observes flows entering and leaving the anonymity network can apply statistical techniques to correlate flows and de-anonymize their endpoints. While an adversary may not be naturally positioned to conduct such attacks, a recent study shows that the Internet’s control-plane can be manipulated to increase an adversary’s view of the network, and consequently, improve its ability to perform traffic correlation. This paper explores, in-depth, the effects of control-plane attacks on the security of the Tor network. Using accurate models of the live Tor network, we quantify Tor’s susceptibility to these attacks by measuring the fraction of the Tor network that is vulnerable and the advantage to the adversary of performing the attacks. We further propose defense mechanisms that protect Tor users from manipulations at the control-plane. Perhaps surprisingly, we show that by leveraging existing trust anchors in Tor, defenses deployed only in the data-plane are sufficient to detect most control-plane attacks. Our defenses do not assume the active participation of Internet Service Providers, and require only very small changes to Tor. We show that our defenses result in a more than tenfold decrease in the effectiveness of certain control-plane attacks.

  10. Rotational Rebound Attacks on Reduced Skein

    DEFF Research Database (Denmark)

    Khovratovich, Dmitry; Nikolic, Ivica; Rechberger, Christian

    2010-01-01

    In this paper we combine a recent rotational cryptanalysis with the rebound attack, which results in the best cryptanalysis of Skein, a candidate for the SHA-3 competition. The rebound attack approach was so far only applied to AES-like constructions. For the first time, we show that this approach...

  11. Regional Disease Surveillance Meeting - Final Paper

    Energy Technology Data Exchange (ETDEWEB)

    Lesperance, Ann M.; Mahy, Heidi A.

    2006-08-08

    On June 1, 2006, public health officials working in surveillance, epidemiological modeling, and information technology communities from the Seattle/Tacoma area and State of Washington met with members of the Pacific Northwest National Laboratory (PNNL) to discuss the current state of disease surveillance and gaps and needs to improve the current systems. The meeting also included a discussion of PNNL initiatives that might be appropriate to enhance disease surveillance and the current tools being used for disease surveillance. Participants broke out into two groups to identify critical gaps and needs for improving a surveillance system, and discuss the requirements for developing improved surveillance. Each group developed a list of key priorities summarizing the requirements for improved surveillance. The objective of this meeting was to work towards the development of an improved disease surveillance system.

  12. Surveillance systems to track progress toward global polio eradication - worldwide, 2012-2013.

    Science.gov (United States)

    Levitt, Alexandra; Diop, Ousmane M; Tangermann, Rudolf H; Paladin, Fem; Kamgang, Jean Baptiste; Burns, Cara C; Chenoweth, Paul J; Goel, Ajay; Wassilak, Steven G F

    2014-04-25

    In 2012, the World Health Assembly of the World Health Organization (WHO) declared completion of polio eradication a programmatic emergency. Polio cases are detected through surveillance of acute flaccid paralysis (AFP) cases and subsequent testing of stool specimens for polioviruses (PVs) at WHO-accredited laboratories within the Global Polio Laboratory Network (GPLN). AFP surveillance is supplemented by environmental surveillance, testing sewage samples from selected sites for PVs. Virologic surveillance, including genomic sequencing to identify isolates by genotype and measure divergence between isolates, guides Global Polio Eradication Initiative (GPEI) activities by confirming the presence of PV, tracking chains of PV transmission, and highlighting gaps in AFP surveillance quality. This report provides AFP surveillance quality indicators at national and subnational levels during 2012-2013 for countries that experienced PV cases during 2009-2013 in the WHO African Region (AFR) and Eastern Mediterranean Region (EMR), the remaining polio-endemic regions. It also summarizes the results of environmental surveillance and reviews indicators assessing the timeliness of reporting of PV isolation and of virus strain characterization globally. Regional-level performance indicators for timely reporting of PV isolation were met in five of six WHO regions in 2012 and 2013. Of 30 AFR and EMR countries that experienced cases of PV (wild poliovirus [WPV], circulating vaccine-derived poliovirus [cVDPV], or both) during 2009-2013, national performance indicator targets for AFP surveillance and collection of adequate specimens were met in 27 (90%) countries in 2012 and 22 (73%) in 2013. In 17 (57%) countries, ≥80% of the population lived in subnational areas meeting both AFP performance indicators in 2012, decreasing to 13 (43%) in 2013. To achieve polio eradication and certify interruption of PV transmission, intensive efforts to strengthen and maintain AFP surveillance are

  13. Step to improve neural cryptography against flipping attacks.

    Science.gov (United States)

    Zhou, Jiantao; Xu, Qinzhen; Pei, Wenjiang; He, Zhenya; Szu, Harold

    2004-12-01

    Synchronization of neural networks by mutual learning has been demonstrated to be possible for constructing key exchange protocol over public channel. However, the neural cryptography schemes presented so far are not the securest under regular flipping attack (RFA) and are completely insecure under majority flipping attack (MFA). We propose a scheme by splitting the mutual information and the training process to improve the security of neural cryptosystem against flipping attacks. Both analytical and simulation results show that the success probability of RFA on the proposed scheme can be decreased to the level of brute force attack (BFA) and the success probability of MFA still decays exponentially with the weights' level L. The synchronization time of the parties also remains polynomial with L. Moreover, we analyze the security under an advanced flipping attack.

  14. Improved Impossible Differential Attacks on Large-Block Rijndael

    DEFF Research Database (Denmark)

    Wang, Qingju; Gu, Dawu; Rijmen, Vincent

    2012-01-01

    . The improvement can lead to 10-round attack on Rijndael-256 as well. With 2^198.1 chosen plaintexts, an attack is demonstrated on 9-round Rijndael-224 with 2^195.2 encryptions and 2^140.4 bytes memory. Increasing the data complexity to 2^216 plaintexts, the time complexity can be reduced to 2^130 encryptions...... and the memory requirements to 2^93.6 bytes. For 9-round Rijndael-256, we provide an attack requiring 2^229.3 chosen plaintexts, 2^194 encryptions, and 2^139.6 bytes memory. Alternatively, with 2^245.3 plaintexts, an attack with a reduced time of 2^127.1 encryptions and a memory complexity of 2^90.9 bytes can...... be mounted. With 2^244.2 chosen plaintexts, we can attack 10-round Rijndael-256 with 2^253.9 encryptions and 2^186.8 bytes of memory....

  15. RAPTOR: Ransomware Attack PredicTOR

    OpenAIRE

    Quinkert, Florian; Holz, Thorsten; Hossain, KSM Tozammel; Ferrara, Emilio; Lerman, Kristina

    2018-01-01

    Ransomware, a type of malicious software that encrypts a victim's files and only releases the cryptographic key once a ransom is paid, has emerged as a potentially devastating class of cybercrimes in the past few years. In this paper, we present RAPTOR, a promising line of defense against ransomware attacks. RAPTOR fingerprints attackers' operations to forecast ransomware activity. More specifically, our method learns features of malicious domains by looking at examples of domains involved in...

  16. Shark attack-related injuries: Epidemiology and implications for plastic surgeons.

    Science.gov (United States)

    Ricci, Joseph A; Vargas, Christina R; Singhal, Dhruv; Lee, Bernard T

    2016-01-01

    The increased media attention to shark attacks has led to a heightened fear and public awareness. Although few sharks are considered dangerous, attacks on humans can result in large soft tissue defects necessitating the intervention of reconstructive surgeons. This study aims to evaluate and describe the characteristics of shark-related injuries in order to improve treatment. The Global Shark Accident File, maintained by the Shark Research Institute (Princeton, NJ, USA), is a compilation of all known worldwide shark attacks. Database records since the 1900s were reviewed to identify differences between fatal and nonfatal attacks, including: geography, injury pattern, shark species, and victim activity. Since the 1900s, there have been 5034 reported shark attacks, of which 1205 (22.7%) were fatal. Although the incidence of attacks per decade has increased, the percentage of fatalities has decreased. Characteristics of fatal attacks included swimming (p = 0.001), boating (p = 0.001), three or more bite sites (p = 0.03), limb loss (p = 0.001), or tiger shark attack (p = 0.002). The most common attacks were bites to the legs (41.8%) or arms (18.4%), with limb loss occurring in 7% of attacks. Geographically, the majority of attacks occurred in North America (36.7%) and Australia (26.5%). Most attacks in the USA occurred in Florida (49.1%) and California (13.6%). Although rare, shark attacks result in devastating injuries to patients. As these injuries often involve multiple sites and limb loss, this creates a significant challenge for reconstructive surgeons. Proper identification of the characteristics of the attack can aid in providing optimal care for those affected. Copyright © 2015 British Association of Plastic, Reconstructive and Aesthetic Surgeons. Published by Elsevier Ltd. All rights reserved.

  17. A review of zoonotic disease surveillance supported by the Armed Forces Health Surveillance Center.

    Science.gov (United States)

    Burke, R L; Kronmann, K C; Daniels, C C; Meyers, M; Byarugaba, D K; Dueger, E; Klein, T A; Evans, B P; Vest, K G

    2012-05-01

    The Armed Forces Health Surveillance Center (AFHSC), Division of Global Emerging Infections Surveillance and Response System conducts disease surveillance through a global network of US Department of Defense research laboratories and partnerships with foreign ministries of agriculture, health and livestock development in over 90 countries worldwide. In 2010, AFHSC supported zoonosis survey efforts were organized into four main categories: (i) development of field assays for animal disease surveillance during deployments and in resource limited environments, (ii) determining zoonotic disease prevalence in high-contact species which may serve as important reservoirs of diseases and sources of transmission, (iii) surveillance in high-risk human populations which are more likely to become exposed and subsequently infected with zoonotic pathogens and (iv) surveillance at the human-animal interface examining zoonotic disease prevalence and transmission within and between human and animal populations. These efforts have aided in the detection, identification and quantification of the burden of zoonotic diseases such as anthrax, brucellosis, Crimean Congo haemorrhagic fever, dengue fever, Hantaan virus, influenza, Lassa fever, leptospirosis, melioidosis, Q fever, Rift Valley fever, sandfly fever Sicilian virus, sandfly fever Naples virus, tuberculosis and West Nile virus, which are of military and public health importance. Future zoonotic surveillance efforts will seek to develop local capacity for zoonotic surveillance focusing on high risk populations at the human-animal interface. © 2011 Blackwell Verlag GmbH.

  18. Privacy Leaks through Data Hijacking Attack on Mobile Systems

    Directory of Open Access Journals (Sweden)

    Zhang Daojuan

    2017-01-01

    To persistently eavesdrop on the mobile devices, attackers may obtain the elevated privilege and inject malicious modules into the user devices. Unfortunately, the attackers may not be able to obtain the privilege for a long period of time since the exploitable vulnerabilities may be fixed or the malware may be removed. In this paper, we propose a new data hijacking attack for the mobile apps. By employing the proposed method, the attackers are only required to obtain the root privilege of the user devices once, and they can persistently eavesdrop without any change to the original device. Specifically, we design a new approach to construct a shadow system by hijacking user data files. In the shadow system, attackers possess the identical abilities to the victims. For instance, if a victim has logged into the email app, the attacker can also access the email server in the shadow system without authentication in a long period of time. Without reauthentication of the app, it is difficult for victims to notice the intrusion since the whole eavesdropping is performed on other devices (rather than the user devices). In our experiments, we evaluate the effectiveness of the proposed attack and the result demonstrates that even the Android apps released by the top developers cannot resist this attack. Finally, we discuss some approaches to defend the proposed attack.

  19. Extracting 3d Semantic Information from Video Surveillance System Using Deep Learning

    Science.gov (United States)

    Zhang, J. S.; Cao, J.; Mao, B.; Shen, D. Q.

    2018-04-01

    At present, intelligent video analysis technology has been widely used in various fields. Object tracking is one of the important parts of intelligent video surveillance, but the traditional target tracking technology based on the pixel coordinate system in images still has some unavoidable problems. Target tracking based on pixel can't reflect the real position information of targets, and it is difficult to track objects across scenes. Based on the analysis of Zhengyou Zhang's camera calibration method, this paper presents a method of target tracking based on the target's space coordinate system after converting the 2-D coordinate of the target into 3-D coordinate. It can be seen from the experimental results: Our method can restore the real position change information of targets well, and can also accurately get the trajectory of the target in space.

  20. What Can We Learn?--The Algonquin Bear Attack.

    Science.gov (United States)

    Strickland, Dan

    1992-01-01

    Describes a bear attack in Algonquin Park in Lake Opeongo (Canada) in which a man and woman were killed. Hypothesizes that the bear deliberately preyed on its victims and concludes that the bear was physically normal. Despite this isolated attack, the chance of being attacked by a black bear when camping is virtually nonexistent. (KS)

  1. Combined Heuristic Attack Strategy on Complex Networks

    Directory of Open Access Journals (Sweden)

    Marek Šimon

    2017-01-01

    Usually, the existence of a complex network is considered an advantageous feature and efforts are made to increase its robustness against an attack. However, there exist also harmful and/or malicious networks, from social ones like spreading hoax, corruption, phishing, extremist ideology, and terrorist support up to computer networks spreading computer viruses or DDoS attack software or even biological networks of carriers or transport centers spreading disease among the population. A new attack strategy can therefore be used against malicious networks, as well as in a worst-case scenario test for robustness of a useful network. A common measure of robustness of networks is their disintegration level after removal of a fraction of nodes. This robustness can be calculated as a ratio of the number of nodes of the greatest remaining network component against the number of nodes in the original network. Our paper presents a combination of heuristics optimized for an attack on a complex network to achieve its greatest disintegration. Nodes are deleted sequentially based on a heuristic criterion. Efficiency of classical attack approaches is compared to the proposed approach on Barabási-Albert, scale-free with tunable power-law exponent, and Erdős-Rényi models of complex networks and on real-world networks. Our attack strategy results in a faster disintegration, which is counterbalanced by its slightly increased computational demands.

  2. Attempt to find optimal selections of EO systems for good results of imaging in real environment surveillance process

    Science.gov (United States)

    Borcan, Octavia; Ursu, Danut; Marin, Constantin; Toma, Alexandru; Beldiceanu, Anca

    2017-10-01

    In this paper, the authors try to determine a procedure for the best choice in selecting one or other type of sensors as a function of the object under observation, background and environmental conditions. In surveillance activities related to different missions and scenarios occurring in day and/or night time, the proper choice and use of video surveillance sensors is of huge importance. Starting from specific scenarios of surveillance, as for example the surveillance of the sky to detect drones, or surveillance of the ground area to detect some manmade objects or intruders, this paper approaches the problem of the image appearance in VIS, SWIR and LWIR spectral ranges, using different passive technologies of surveillance. Relevant images are presented comparatively in relation to some theoretical quantifications made through mathematical models or through software simulations. Starting from a few targets and backgrounds with known spectral reflectivity or emissivity, the contrast was used to show its influence on the signal strength reaching the surface of the video detector (imager) in similar environment conditions. Finally, the authors seek certain characteristics of the electro-optical system itself that can influence most the strength and quality of the optical signal with respect to influences on observation distances of the target. The possibility of using an active technology instead of a passive one, by introducing a pulsed laser illuminator, is also analyzed. The use of some polarizing filters is also considered but in this stage only in laboratory conditions, in order to improve the observability of an object in some special environmental circumstances.

  3. MORTICIA, a statistical analysis software package for determining optical surveillance system effectiveness.

    Science.gov (United States)

    Ramkilowan, A.; Griffith, D. J.

    2017-10-01

    Surveillance modelling in terms of the standard Detect, Recognise and Identify (DRI) thresholds remains a key requirement for determining the effectiveness of surveillance sensors. With readily available computational resources it has become feasible to perform statistically representative evaluations of the effectiveness of these sensors. A new capability for performing this Monte-Carlo type analysis is demonstrated in the MORTICIA (Monte-Carlo Optical Rendering for Theatre Investigations of Capability under the Influence of the Atmosphere) software package developed at the Council for Scientific and Industrial Research (CSIR). This first generation, python-based open-source integrated software package, currently in the alpha stage of development, aims to provide all the functionality required to perform statistical investigations of the effectiveness of optical surveillance systems in specific or generic deployment theatres. This includes modelling of the mathematical and physical processes that govern amongst other components of a surveillance system; a sensor's detector and optical components, a target and its background as well as the intervening atmospheric influences. In this paper we discuss integral aspects of the bespoke framework that are critical to the longevity of all subsequent modelling efforts. Additionally, some preliminary results are presented.

  4. Studies on sulfate attack: Mechanisms, test methods, and modeling

    Science.gov (United States)

    Santhanam, Manu

    The objective of this research study was to investigate various issues pertaining to the mechanism, testing methods, and modeling of sulfate attack in concrete. The study was divided into the following segments: (1) effect of gypsum formation on the expansion of mortars, (2) attack by the magnesium ion, (3) sulfate attack in the presence of chloride ions---differentiating seawater and groundwater attack, (4) use of admixtures to mitigate sulfate attack---entrained air, sodium citrate, silica fume, and metakaolin, (5) effects of temperature and concentration of the attack solution, (6) development of new test methods using concrete specimens, and (7) modeling of the sulfate attack phenomenon. Mortar specimens using portland cement (PC) and tricalcium silicate (C3S), with or without mineral admixtures, were prepared and immersed in different sulfate solutions. In addition to this, portland cement concrete specimens were also prepared and subjected to complete and partial immersion in sulfate solutions. Physical measurements, chemical analyses and microstructural studies were performed periodically on the specimens. Gypsum formation was seen to cause expansion of the C3S mortar specimens. Statistical analyses of the data also indicated that the quantity of gypsum was the most significant factor controlling the expansion of mortar bars. The attack by magnesium ion was found to drive the reaction towards the formation of brucite. Decalcification of the C-S-H and its subsequent conversion to the non-cementitious M-S-H was identified as the mechanism of destruction in magnesium sulfate attack. Mineral admixtures were beneficial in combating sodium sulfate attack, while reducing the resistance to magnesium sulfate attack. Air entrainment did not change the measured physical properties, but reduced the visible distress of the mortars. Sodium citrate caused a substantial reduction in the rate of damage of the mortars due to its retarding effect. Temperature and

  5. Efficient large-scale graph data optimization for intelligent video surveillance

    Science.gov (United States)

    Shang, Quanhong; Zhang, Shujun; Wang, Yanbo; Sun, Chen; Wang, Zepeng; Zhang, Luming

    2017-08-01

    Society is rapidly accepting the use of a wide variety of cameras location and applications: site traffic monitoring, parking lot surveillance, car and smart space. These ones here the camera provides data every day in an analysis effective way. Recent advances in sensor technology manufacturing, communications and computing are stimulating the development of new applications that can change the traditional vision system incorporating universal smart camera network. This analysis of visual cues in multi camera networks makes wide applications ranging from smart home and office automation to large area surveillance and traffic surveillance. In addition, dense camera networks, most of which have large overlapping areas of cameras. In the view of good research, we focus on sparse camera networks. One sparse camera network using large area surveillance. As few cameras as possible, most cameras do not overlap each other’s field of vision. This task is challenging lack of knowledge of topology network, the specific changes in appearance and movement track different opinions of the target, as well as difficulties understanding complex events in a network. In this review in this paper, we present a comprehensive survey of recent studies results to solve the problem of topology learning, object appearance modeling and global activity understanding sparse camera network. In addition, some of the current open research issues are discussed.

  6. Impact of Cyber Attacks on High Voltage DC Transmission Damping Control

    Directory of Open Access Journals (Sweden)

    Rui Fan

    2018-04-01

    Hybrid AC/HVDC (AC-HVDC) grids have evolved to become huge cyber-physical systems that are vulnerable to cyber attacks because of the wide attack surface and increasing dependence on intelligent electronic devices, computing resources and communication networks. This paper, for the first time, studies the impact of cyber attacks on HVDC transmission oscillation damping control. Three kinds of cyber attack models are considered: timing attack, replay attack and false data injection attack. Followed by a brief introduction of the HVDC model and conventional oscillation damping control method, the design of three attack models is described in the paper. These attacks are tested on a modified IEEE New England 39-Bus AC-HVDC system. Simulation results have shown that all three kinds of attacks are capable of driving the AC-HVDC system into large oscillations or even unstable conditions.

  7. Programmatic Impact of 5 Years of Mortality Surveillance of New York City Homeless Populations

    Science.gov (United States)

    Marder, Dova; Begier, Elizabeth; Gutkovich, Alexander; Mos, Robert; Griffin, Angela; Zimmerman, Regina; Madsen, Ann

    2013-01-01

    A homeless mortality surveillance system identifies emerging trends in the health of the homeless population and provides this information to key stakeholders in a timely and ongoing manner to effect evidence-based, programmatic change. We describe the first 5 years of the New York City homeless mortality surveillance system and, for the first time in peer-reviewed literature, illustrate the impact of key elements of sustained surveillance (i.e., timely dissemination of aggregate mortality data and real-time sharing of information on individual homeless decedents) on the programs of New York City’s Department of Homeless Services. These key elements had a positive impact on the department’s programs that target sleep-related infant deaths and hypothermia, drug overdose, and alcohol-related deaths among homeless persons. PMID:24148068

  8. Surface Environmental Surveillance Procedures Manual

    International Nuclear Information System (INIS)

    Hanf, Robert W.; Poston, Ted M.

    2000-01-01

    Shows and explains certain procedures needed for surface environmental surveillance. Hanford Site environmental surveillance is conducted by the Pacific Northwest National Laboratory (PNNL) for the U.S. Department of Energy (DOE) under the Surface Environmental Surveillance Project (SESP). The basic requirements for site surveillance are set forth in DOE Order 5400.1, General Environmental Protection Program Requirements. Guidance for the SESP is provided in DOE Order 5484.1, Environmental Protection, Safety, and Health Protection Information Reporting Requirements and DOE Order 5400.5, Radiation Protection of the Public and Environment. Guidelines for environmental surveillance activities are provided in DOE/EH-0173T, Environmental Regulatory Guide for Radiological Effluent Monitoring and Environmental Surveillance. An environmental monitoring plan for the Hanford Site is outlined in DOE/RL 91-50 Rev. 2, Environmental Monitoring Plan, United States Department of Energy, Richland Operations Office. Environmental surveillance data are used in assessing the impact of current and past site operations on human health and the environment, demonstrating compliance with applicable local, state, and federal environmental regulations, and verifying the adequacy of containment and effluent controls. SESP sampling schedules are reviewed, revised, and published each calendar year in the Hanford Site Environmental Surveillance Master Sampling Schedule. Environmental samples are collected by SESP staff in accordance with the approved sample collection procedures documented in this manual. Personnel training requirements are documented in SESP-TP-01 Rev.2, Surface Environmental Surveillance Project Training Program.

  9. Shilling attack detection for recommender systems based on credibility of group users and rating time series.

    Science.gov (United States)

    Zhou, Wei; Wen, Junhao; Qu, Qiang; Zeng, Jun; Cheng, Tian

    2018-01-01

    Recommender systems are vulnerable to shilling attacks. Forged user-generated content data, such as user ratings and reviews, are used by attackers to manipulate recommendation rankings. Shilling attack detection in recommender systems is of great significance to maintain the fairness and sustainability of recommender systems. The current studies have problems in terms of the poor universality of algorithms, difficulty in selection of user profile attributes, and lack of an optimization mechanism. In this paper, a shilling behaviour detection structure based on abnormal group user findings and rating time series analysis is proposed. This paper adds to the current understanding in the field by studying the credibility evaluation model in-depth based on the rating prediction model to derive proximity-based predictions. A method for detecting suspicious ratings based on suspicious time windows and target item analysis is proposed. Suspicious rating time segments are determined by constructing a time series, and data streams of the rating items are examined and suspicious rating segments are checked. To analyse features of shilling attacks by a group user's credibility, an abnormal group user discovery method based on time series and time window is proposed. Standard testing datasets are used to verify the effect of the proposed method.

  10. Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM

    Directory of Open Access Journals (Sweden)

    Jun-Ho Choi

    2012-01-01

    Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS (Cross Site Scripting) attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important information because sensitive information can be obtained and falsified. In this paper, the method to detect the malicious SQL injection script code which is the typical XSS attack using n-Gram indexing and SVM (Support Vector Machine) is proposed. In order to test the proposed method, the test was conducted after classifying each data set as normal code and malicious code, and the malicious script code was detected by applying index term generated by n-Gram and data set generated by code dictionary to SVM classifier. As a result, when the malicious script code detection was conducted using n-Gram index term and SVM, the superior performance could be identified in detecting malicious script and the more improved results than existing methods could be seen in the malicious script code detection recall.

  11. OPERATION COBRA. Deliberate Attack, Exploitation

    Science.gov (United States)

    1984-05-25

    to attack Sens, then continue to Troyes, on the Seine River. CCA was in the north, crossing the Loing River at Souppes against light resistance and...advanced from Troyes and prepared positions close to Sens. Under strong artillery support, a task force from CCA (TF Oden) attacked the enemy frontally...movement towards the Seine River on 24 August with an advance toward Troyes. Facing the combat command were what remained of the 51st SS Brigade, light

  12. Critical Surveillance Studies in the Information Society

    Directory of Open Access Journals (Sweden)

    Thomas Allmer

    2011-11-01

    The overall aim of this paper is to clarify how we can theorize and systemize economic surveillance. Surveillance studies scholars like David Lyon stress that economic surveillance such as monitoring consumers or the workplace are central aspects of surveillance societies. The approach that is advanced in this work recognizes the importance of the role of the economy in contemporary surveillance societies. The paper at hand constructs theoretically founded typologies in order to systemize the existing literature of surveillance studies and to analyze examples of surveillance. Therefore, it mainly is a theoretical approach combined with illustrative examples. This contribution contains a systematic discussion of the state of the art of surveillance and clarifies how different notions treat economic aspects of surveillance. In this work it is argued that the existing literature is insufficient for studying economic surveillance. In contrast, a typology of surveillance in the modern economy, which is based on foundations of a political economy approach, allows providing a systematic analysis of economic surveillance on the basis of current developments on the Internet. Finally, some political recommendations are drawn in order to overcome economic surveillance. This contribution can be fruitful for scholars who want to undertake a systematic analysis of surveillance in the modern economy and who want to study the field of surveillance critically.

  13. World Alliance for Risk Factor Surveillance White Paper on Surveillance and Health Promotion

    Directory of Open Access Journals (Sweden)

    Stefano Campostrini

    2015-02-01

    This is not a research paper on risk factor surveillance. It is an effort by a key group of researchers and practitioners of risk factor surveillance to define the current state of the art and to identify the key issues involved in the current practice of behavioral risk factor surveillance. Those of us who are the principal authors have worked and carried out research in this area for some three decades. As a result of a series of global meetings beginning in 1999 and continuing every two years since then, a collective working group of the International Union of Health Promotion and Education (IUHPE) was formed under the name World Alliance of Risk Factor Surveillance (WARFS). Under this banner the organization sought to write a comprehensive statement on the importance of surveillance to health promotion and public health. This paper, which has been revised and reviewed by established peers in the field, is the result. It provides the reader with a clear summary of the major issues that need to be considered by any and all seeking to carry out behavioral risk factor surveillance.

  14. Command Disaggregation Attack and Mitigation in Industrial Internet of Things

    Directory of Open Access Journals (Sweden)

    Peng Xun

    2017-10-01

    A cyber-physical attack in the industrial Internet of Things can cause severe damage to physical system. In this paper, we focus on the command disaggregation attack, wherein attackers modify disaggregated commands by intruding command aggregators like programmable logic controllers, and then maliciously manipulate the physical process. It is necessary to investigate these attacks, analyze their impact on the physical process, and seek effective detection mechanisms. We depict two different types of command disaggregation attack modes: (1) the command sequence is disordered and (2) disaggregated sub-commands are allocated to wrong actuators. We describe three attack models to implement these modes with going undetected by existing detection methods. A novel and effective framework is provided to detect command disaggregation attacks. The framework utilizes the correlations among two-tier command sequences, including commands from the output of central controller and sub-commands from the input of actuators, to detect attacks before disruptions occur. We have designed components of the framework and explain how to mine and use these correlations to detect attacks. We present two case studies to validate different levels of impact from various attack models and the effectiveness of the detection framework. Finally, we discuss how to enhance the detection framework.

  15. Command Disaggregation Attack and Mitigation in Industrial Internet of Things.

    Science.gov (United States)

    Xun, Peng; Zhu, Pei-Dong; Hu, Yi-Fan; Cui, Peng-Shuai; Zhang, Yan

    2017-10-21

    A cyber-physical attack in the industrial Internet of Things can cause severe damage to physical system. In this paper, we focus on the command disaggregation attack, wherein attackers modify disaggregated commands by intruding command aggregators like programmable logic controllers, and then maliciously manipulate the physical process. It is necessary to investigate these attacks, analyze their impact on the physical process, and seek effective detection mechanisms. We depict two different types of command disaggregation attack modes: (1) the command sequence is disordered and (2) disaggregated sub-commands are allocated to wrong actuators. We describe three attack models to implement these modes with going undetected by existing detection methods. A novel and effective framework is provided to detect command disaggregation attacks. The framework utilizes the correlations among two-tier command sequences, including commands from the output of central controller and sub-commands from the input of actuators, to detect attacks before disruptions occur. We have designed components of the framework and explain how to mine and use these correlations to detect attacks. We present two case studies to validate different levels of impact from various attack models and the effectiveness of the detection framework. Finally, we discuss how to enhance the detection framework.

  16. Selection of 3013 Containers for Field Surveillance

    International Nuclear Information System (INIS)

    Larry Peppers; Elizabeth Kelly; James McClard; Gary Friday; Theodore Venetz; Jerry Stakebade

    2007-01-01

    consists of a revision of the earlier statistical sampling report. The requirement of 99.9% probability of observing at least one of the worst 5% (99.9/5%) of the containers with a potential for degradation is used to determine the number of containers in the random sample for the Pressure and Corrosion and the Pressure bins. Sampling requirements for the Innocuous bin are not based on the 99.9/5% requirement; rather, they are based on evaluating the assumption of no significant degradation of, or variability between, containers relative to corrosion or pressure generation within the Innocuous bin population as valid. Section 3 of this report focuses on the actual selection of 3013 containers for surveillance. Surveillance containers are identified by the year that the surveillance should be performed. In addition to the randomly selected containers, containers were selected from the entire population, based on engineering judgment for each of these years. The judgmental sampling targets containers with the greatest potential for gas generation and/or corrosion. The factors used for judgmental sample selection are documented in this section. A more detailed discussion of the FY 2005 sample selection process is contained in the previous FY 2005 sample selection report

  17. Counteracting Power Analysis Attacks by Masking

    Science.gov (United States)

    Oswald, Elisabeth; Mangard, Stefan

    The publication of power analysis attacks [12] has triggered a lot of research activities. On the one hand these activities have been dedicated toward the development of secure and efficient countermeasures. On the other hand also new and improved attacks have been developed. In fact, there has been a continuous arms race between designers of countermeasures and attackers. This chapter provides a brief overview of the state of the art in the arms race in the context of a countermeasure called masking. Masking is a popular countermeasure that has been extensively discussed in the scientific community. Numerous articles have been published that explain different types of masking and that analyze weaknesses of this countermeasure.

  18. Metrics for Assessment of Smart Grid Data Integrity Attacks

    Energy Technology Data Exchange (ETDEWEB)

    Annarita Giani; Miles McQueen; Russell Bent; Kameshwar Poolla; Mark Hinrichs

    2012-07-01

    There is an emerging consensus that the nation’s electricity grid is vulnerable to cyber attacks. This vulnerability arises from the increasing reliance on using remote measurements, transmitting them over legacy data networks to system operators who make critical decisions based on available data. Data integrity attacks are a class of cyber attacks that involve a compromise of information that is processed by the grid operator. This information can include meter readings of injected power at remote generators, power flows on transmission lines, and relay states. These data integrity attacks have consequences only when the system operator responds to compromised data by redispatching generation under normal or contingency protocols. These consequences include (a) financial losses from sub-optimal economic dispatch to service loads, (b) robustness/resiliency losses from placing the grid at operating points that are at greater risk from contingencies, and (c) systemic losses resulting from cascading failures induced by poor operational choices. This paper is focused on understanding the connections between grid operational procedures and cyber attacks. We first offer two examples to illustrate how data integrity attacks can cause economic and physical damage by misleading operators into taking inappropriate decisions. We then focus on unobservable data integrity attacks involving power meter data. These are coordinated attacks where the compromised data are consistent with the physics of power flow, and are therefore passed by any bad data detection algorithm. We develop metrics to assess the economic impact of these attacks under re-dispatch decisions using optimal power flow methods. These metrics can be used to prioritize the adoption of appropriate countermeasures including PMU placement, encryption, hardware upgrades, and advance attack detection algorithms.

  19. A taxonomy of distributed denial of service attacks

    DEFF Research Database (Denmark)

    De Donno, Michele; Giaretta, Alberto; Dragoni, Nicola

    2017-01-01

    Distributed Denial of Service (DDoS) attacks which are now even more powerful and easier to achieve than the past. Understanding how these attacks work, in all their different forms, represents a first crucial step to tackle this urgent issue. To this end, in this paper we propose a new up-to-date taxonomy...... and a comprehensive classification of current DDoS attacks....

  20. An Explanation of Nakamoto's Analysis of Double-spend Attacks

    OpenAIRE

    Ozisik, A. Pinar; Levine, Brian Neil

    2017-01-01

    The fundamental attack against blockchain systems is the double-spend attack. In this tutorial, we provide a very detailed explanation of just one section of Satoshi Nakamoto's original paper where the attack's probability of success is stated. We show the derivation of the mathematics relied upon by Nakamoto to create a model of the attack. We also validate the model with a Monte Carlo simulation, and we determine which model component is not perfect.

  1. Surveillance Training for Ebola Preparedness in Côte d'Ivoire, Guinea-Bissau, Senegal, and Mali.

    Science.gov (United States)

    Cáceres, Victor M; Sidibe, Sekou; Andre, McKenzie; Traicoff, Denise; Lambert, Stephanie; King, Melanie; Kazambu, Ditu; Lopez, Augusto; Pedalino, Biagio; Guibert, Dionisio J Herrera; Wassawa, Peter; Cardoso, Placido; Assi, Bernard; Ly, Alioune; Traore, Bouyagui; Angulo, Frederick J; Quick, Linda

    2017-12-01

    The 2014-2015 epidemic of Ebola virus disease in West Africa primarily affected Guinea, Liberia, and Sierra Leone. Several countries, including Mali, Nigeria, and Senegal, experienced Ebola importations. Realizing the importance of a trained field epidemiology workforce in neighboring countries to respond to Ebola importations, the Centers for Disease Control and Prevention Field Epidemiology Training Program unit implemented the Surveillance Training for Ebola Preparedness (STEP) initiative. STEP was a mentored, competency-based initiative to rapidly build up surveillance capacity along the borders of the at-risk neighboring countries Côte d'Ivoire, Mali, Senegal, and Guinea-Bissau. The target audience was district surveillance officers. STEP was delivered to 185 participants from 72 health units (districts or regions). Timeliness of reporting and the quality of surveillance analyses improved 3 months after training. STEP demonstrated that mentored, competency-based training, where learners attain competencies while delivering essential public health services, can be successfully implemented in an emergency response setting.

  2. Evaluation of the novel respiratory virus surveillance program: Pediatric Early Warning Sentinel Surveillance (PEWSS).

    Science.gov (United States)

    Armour, Patricia A; Nguyen, Linh M; Lutman, Michelle L; Middaugh, John P

    2013-01-01

    Infections caused by respiratory viruses are associated with recurrent epidemics and widespread morbidity and mortality. Routine surveillance of these pathogens is necessary to determine virus activity, monitor for changes in circulating strains, and plan for public health preparedness. The Southern Nevada Health District in Las Vegas, Nevada, recruited five pediatric medical practices to serve as sentinel sites for the Pediatric Early Warning Sentinel Surveillance (PEWSS) program. Sentinel staff collected specimens throughout the year from ill children who met the influenza-like illness case definition and submitted specimens to the Southern Nevada Public Health Laboratory for molecular testing for influenza and six non-influenza viruses. Laboratory results were analyzed and reported to the medical and general communities in weekly bulletins year-round. PEWSS data were also used to establish viral respiratory seasonal baselines and in influenza vaccination campaigns. The surveillance program was evaluated using the Centers for Disease Control and Prevention's (CDC's) Updated Guidelines for Evaluating Public Health Surveillance Systems. PEWSS met three of six program usefulness criteria and seven of nine surveillance system attributes, which exceeded the CDC Guidelines evaluation criteria for a useful and complete public health surveillance program. We found that PEWSS is a useful and complete public health surveillance system that is simple, flexible, accessible, and stable.

  3. Development of Reconstitution Technology for Surveillance Specimens

    International Nuclear Information System (INIS)

    Yasushi Atago; Shunichi Hatano; Eiichiro Otsuka

    2002-01-01

    The Japan Power Engineering and Inspection Corporation (JAPEIC) has been carrying out the project titled 'Nuclear Power Plant Integrated Management Technology (PLIM)' consigned by Japanese Ministry of Economy, Trade and Industry (METI) since 1996FY as a 10-year project. As one of the project themes, development of reconstitution technology for reactor pressure vessel (RPV/RV) surveillance specimens, which are installed in RPVs to monitor the neutron irradiation embrittlement on RPV/RV materials, is now being carried out to deal with the long-term operation of nuclear power plants. The target of this theme is to establish the technical standard for applicability of reconstituted surveillance specimens including the reconstitution of the Charpy specimens and Compact Tension (CT) specimens. With the Charpy specimen reconstitution, application of 10 mm length inserts is used, which enables the conversion of tests from the LT-direction to the TL-direction. This paper presents the basic data from Charpy and CT specimens of RPV materials using the surveillance specimens obtained for un-irradiated materials including the following. 1) Reconstitution Technology of Charpy Specimens. a) The interaction between plastic zone and Heat Affected Zone (HAZ). b) The effects of the possible deviations from the standard specimens for the reconstituted specimens. 2) Reconstitution Technology of CT specimens. a) The correlation between fracture toughness and plastic zone width. Because the project is now in progress, this paper describes the outline of the results obtained as of the end of 2000 FY. (authors)

  4. Modeling and Analysis of Information Attack in Computer Networks

    National Research Council Canada - National Science Library

    Pepyne, David

    2003-01-01

    ... (as opposed to physical and other forms of attack) . Information based attacks are attacks that can be carried out from anywhere in the world, while sipping cappuccino at an Internet cafe' or while enjoying the comfort of a living room armchair...

  5. Surveillance of the environmental radioactivity

    International Nuclear Information System (INIS)

    Schneider, Th.; Gitzinger, C.; Jaunet, P.; Eberbach, F.; Clavel, B.; Hemidy, P.Y.; Perrier, G.; Kiper, Ch.; Peres, J.M.; Josset, M.; Calvez, M.; Leclerc, M.; Leclerc, E.; Aubert, C.; Levelut, M.N.; Debayle, Ch.; Mayer, St.; Renaud, Ph.; Leprieur, F.; Petitfrere, M.; Catelinois, O.; Monfort, M.; Baron, Y.; Target, A.

    2008-01-01

    The objective of these days was to present the organisation of the surveillance of the environmental radioactivity and to allow an experience sharing and a dialog on this subject between the different actors of the radiation protection in France. The different presentations were as follow: evolution and stakes of the surveillance of radioactivity in environment; the part of the European commission, regulatory aspects; the implementation of the surveillance: the case of Germany; Strategy and logic of environmental surveillance around the EDF national centers of energy production; environmental surveillance: F.B.F.C. site of Romans on Isere; steps of the implementation 'analysis for release decree at the F.B.F.C./C.E.R.C.A. laboratory of Romans; I.R.S.N. and the environmental surveillance: situation and perspectives; the part of a non institutional actor, the citizenship surveillance done by A.C.R.O.; harmonization of sampling methods: the results of inter operators G.T. sampling; sustainable observatory of environment: data traceability and samples conservation; inter laboratories tests of radioactivity measurements; national network of environmental radioactivity measurement: laboratories agreements; the networks of environmental radioactivity telemetry: modernization positioning; programme of observation and surveillance of surface environment and installations of the H.A.-M.A.V.L. project (high activity and long life medium activity); Evolution of radionuclides concentration in environment and adaptation of measurements techniques to the surveillance needs; the national network of radioactivity measurement in environment; modes of data restoration of surveillance: the results of the Loire environment pilot action; method of sanitary impacts estimation in the area of ionizing radiations; the radiological impact of atmospheric nuclear tests in French Polynesia; validation of models by the measure; network of measurement and alert management of the atmospheric

  6. The hypervariable region of Streptococcus pyogenes M protein escapes antibody attack by antigenic variation and weak immunogenicity

    DEFF Research Database (Denmark)

    Lannergård, Jonas; Gustafsson, Caj Ulrik Mattias; Waldemarsson, Johan

    2011-01-01

    Sequence variation of antigenic proteins allows pathogens to evade antibody attack. The variable protein commonly includes a hypervariable region (HVR), which represents a key target for antibodies and is therefore predicted to be immunodominant. To understand the mechanism(s) of antibody evasion...

  7. Using an ontology for network attack planning

    CSIR Research Space (South Africa)

    Van Heerden, R

    2016-09-01

    The modern complexity of network attacks and their counter-measures (cyber operations) requires detailed planning. This paper presents a Network Attack Planning ontology which is aimed at providing support for planning such network operations within...

  8. Network analysis of translocated Takahe populations to identify disease surveillance targets.

    Science.gov (United States)

    Grange, Zoë L; VAN Andel, Mary; French, Nigel P; Gartrell, Brett D

    2014-04-01

    network in 2011. Likewise, the wild Murchison Mountains population was consistently the sink of the network. Other nodes, such as the offshore islands and the wildlife hospital, varied in importance over time. Common network descriptors and measures of centrality identified key locations for targeting disease surveillance. The visual representation of movements of animals in a population that this technique provides can aid decision makers when they evaluate translocation proposals or attempt to control a disease outbreak. © 2014 Society for Conservation Biology.

  9. Protecting infrastructure networks from cost-based attacks

    International Nuclear Information System (INIS)

    Wang Xingang; Guan Shuguang; Lai, Choy Heng

    2009-01-01

    It is well known that heterogeneous networks are vulnerable to the intentional removal of a small fraction of highly connected or loaded nodes, implying that to protect the network effectively, the important nodes should be allocated more defense resource than the others. However, if too much resource is allocated to the few important nodes, the numerous less-important nodes will be less protected, which if attacked together can still lead to devastating damage. A natural question is therefore how to efficiently distribute the limited defense resource among the network nodes such that the network damage is minimized against any attack strategy. In this paper, taking into account the factor of attack cost, the problem of network security is reconsidered in terms of efficient network defense against cost-based attacks. The results show that, for a general complex network, there exists an optimal distribution of the defense resource with which the network is best protected from cost-based attacks. Furthermore, it is found that the configuration of the optimal defense is dependent on the network parameters. Specifically, networks of larger size, sparser connection and more heterogeneous structure will more likely benefit from the defense optimization.

  10. Constructing APT Attack Scenarios Based on Intrusion Kill Chain and Fuzzy Clustering

    Directory of Open Access Journals (Sweden)

    Ru Zhang

    2017-01-01

    The APT attack on the Internet is becoming more serious, and most intrusion detection systems can only generate alarms to some steps of APT attack and cannot identify the pattern of the APT attack. To detect APT attack, many researchers established attack models and then correlated IDS logs with the attack models. However, the accuracy of detection deeply relied on the integrity of models. In this paper, we propose a new method to construct APT attack scenarios by mining IDS security logs. These APT attack scenarios can be further used for the APT detection. First, we classify all the attack events by purpose of phase of the intrusion kill chain. Then we add the attack event dimension to fuzzy clustering, correlate IDS alarm logs with fuzzy clustering, and generate the attack sequence set. Next, we delete the bug attack sequences to clean the set. Finally, we use the nonaftereffect property of probability transfer matrix to construct attack scenarios by mining the attack sequence set. Experiments show that the proposed method can construct the APT attack scenarios by mining IDS alarm logs, and the constructed scenarios match the actual situation so that they can be used for APT attack detection.

  11. On node replication attack in wireless sensor networks

    International Nuclear Information System (INIS)

    Qabulio, M.; Malkani, Y.A.

    2015-01-01

    WSNs (Wireless Sensor Networks) comprise a large number of small, inexpensive, low power and memory constrained sensing devices (called sensor nodes) that are densely deployed to measure a given physical phenomenon. Since WSNs are commonly deployed in a hostile and unattended environment, it is easy for an adversary to physically capture one or more legitimate sensor nodes, re-program and redeploy them in the network. As a result, the adversary becomes able to deploy several identical copies of physically captured nodes in the network in order to perform illegitimate activities. This type of attack is referred to as Node Replication Attack or Clone Node Attack. By launching node replication attack, an adversary can easily get control on the network which consequently is the biggest threat to confidentiality, integrity and availability of data and services. Thus, detection and prevention of node replication attack in WSNs has become an active area of research and to date more than two dozen schemes have been proposed, which address this issue. In this paper, we present a comprehensive review, classification and comparative analysis of twenty five of these schemes which help to detect and/or prevent node replication attack in WSNs. (author)

  12. On Node Replication Attack in Wireless Sensor Networks

    Directory of Open Access Journals (Sweden)

    Mumtaz Qabulio

    2016-04-01

    WSNs (Wireless Sensor Networks) comprise a large number of small, inexpensive, low power and memory constrained sensing devices (called sensor nodes) that are densely deployed to measure a given physical phenomenon. Since WSNs are commonly deployed in a hostile and unattended environment, it is easy for an adversary to physically capture one or more legitimate sensor nodes, re-program and redeploy them in the network. As a result, the adversary becomes able to deploy several identical copies of physically captured nodes in the network in order to perform illegitimate activities. This type of attack is referred to as Node Replication Attack or Clone Node Attack. By launching node replication attack, an adversary can easily get control on the network which consequently is the biggest threat to confidentiality, integrity and availability of data and services. Thus, detection and prevention of node replication attack in WSNs has become an active area of research and to date more than two dozen schemes have been proposed, which address this issue. In this paper, we present a comprehensive review, classification and comparative analysis of twenty five of these schemes which help to detect and/or prevent node replication attack in WSNs.

  13. After-gate attack on a quantum cryptosystem

    International Nuclear Information System (INIS)

    Wiechers, C; Wittmann, C; Elser, D; Marquardt, Ch; Leuchs, G; Lydersen, L; Skaar, J; Makarov, V

    2011-01-01

    We present a method to control the detection events in quantum key distribution systems that use gated single-photon detectors. We employ bright pulses as faked states, timed to arrive at the avalanche photodiodes outside the activation time. The attack can remain unnoticed, since the faked states do not increase the error rate per se. This allows for an intercept-resend attack, where an eavesdropper transfers her detection events to the legitimate receiver without causing any errors. As a side effect, afterpulses, originating from accumulated charge carriers in the detectors, increase the error rate. We have experimentally tested detectors of the system id3110 (Clavis2) from ID Quantique. We identify the parameter regime in which the attack is feasible despite the side effect. Furthermore, we outline how simple modifications in the implementation can make the device immune to this attack.

  14. Compiling symbolic attacks to protocol implementation tests

    Directory of Open Access Journals (Sweden)

    Michael Rusinowitch

    2013-07-01

    Recently efficient model-checking tools have been developed to find flaws in security protocols specifications. These flaws can be interpreted as potential attack scenarios but the feasibility of these scenarios needs to be confirmed at the implementation level. However, bridging the gap between an abstract attack scenario derived from a specification and a penetration test on real implementations of a protocol is still an open issue. This work investigates an architecture for automatically generating abstract attacks and converting them to concrete tests on protocol implementations. In particular we aim to improve previously proposed blackbox testing methods in order to discover automatically new attacks and vulnerabilities. As a proof of concept we have experimented our proposed architecture to detect a renegotiation vulnerability on some implementations of SSL/TLS, a protocol widely used for securing electronic transactions.

  15. An Analysis of Cyber-Attack on NPP Considering Physical Impact

    Energy Technology Data Exchange (ETDEWEB)

    Lee, In Hyo; Kang, Hyun Gook [KAIST, Daejeon (Korea, Republic of); Son, Han Seong [Joonbu University, Geumsan (Korea, Republic of)

    2016-05-15

    Some research teams performed related works on cyber-physical system which is a system that cyber-attack can lead to serious consequences including product loss, damage, injury and death when it is attacked. They investigated the physical impact on cyber-physical system due to the cyber-attack. But it is hard to find the research about NPP cyber security considering the physical impact or safety. In this paper, to investigate the relationship between physical impact and cyber-attack, level 1 PSA results are utilized in chapter 2 and cyber-attack analysis is performed in chapter 3. The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans.

  16. An Analysis of Cyber-Attack on NPP Considering Physical Impact

    International Nuclear Information System (INIS)

    Lee, In Hyo; Kang, Hyun Gook; Son, Han Seong

    2016-01-01

    Some research teams performed related works on cyber-physical system which is a system that cyber-attack can lead to serious consequences including product loss, damage, injury and death when it is attacked. They investigated the physical impact on cyber-physical system due to the cyber-attack. But it is hard to find the research about NPP cyber security considering the physical impact or safety. In this paper, to investigate the relationship between physical impact and cyber-attack, level 1 PSA results are utilized in chapter 2 and cyber-attack analysis is performed in chapter 3. The cyber security issue on NPP is inevitable issue. Unlike general cyber security, cyber-physical system like NPP can induce serious consequences such as core damage by cyber-attack. So in this paper, to find how hacker can attack the NPP, (1) PSA results were utilized to find the relationship between physical system and cyber-attack and (2) vulnerabilities on digital control systems were investigated to find how hacker can implement the possible attack. It is expected that these steps are utilized when establishing penetration test plans or cyber security drill plans

  17. Inappropriate colonoscopic surveillance of hyperplastic polyps.

    LENUS (Irish Health Repository)

    Keane, R A

    2011-11-15

    Colonoscopic surveillance of hyperplastic polyps alone is controversial and may be inappropriate. The colonoscopy surveillance register at a university teaching hospital was audited to determine the extent of such hyperplastic polyp surveillance. The surveillance endoscopy records were reviewed, those patients with hyperplastic polyps were identified, their clinical records were examined and contact was made with each patient. Of the 483 patients undergoing surveillance for colonic polyps 113 (23%) had hyperplastic polyps alone on last colonoscopy. 104 patients remained after exclusion of those under appropriate surveillance. 87 of the 104 patients (84%) were successfully contacted. 37 patients (8%) were under appropriate colonoscopic surveillance for a significant family history of colorectal carcinoma. 50 (10%) patients with hyperplastic polyps alone and no other clinical indication for colonoscopic surveillance were booked for follow up colonoscopy. This represents not only a budgetary but more importantly a clinical opportunity cost the removal of which could liberate valuable colonoscopy time for more appropriate indications.

  18. Guidance Law and Neural Control for Hypersonic Missile to Track Targets

    Directory of Open Access Journals (Sweden)

    Wenxing Fu

    2016-01-01

    Hypersonic technology plays an important role in prompt global strike. Because the flight dynamics of a hypersonic vehicle is nonlinear, uncertain, and highly coupled, the controller design is challenging, especially to design its guidance and control law during the attack of a maneuvering target. In this paper, the sliding mode control (SMC) method is used to develop the guidance law from which the desired flight path angle is derived. With the desired information as control command, the adaptive neural control in discrete time is investigated ingeniously for the longitudinal dynamics of the hypersonic missile. The proposed guidance and control laws are validated by simulation of a hypersonic missile against a maneuvering target. It is demonstrated that the scheme has good robustness and high accuracy to attack a maneuvering target in the presence of external disturbance and missile model uncertainty.

  19. Classification of cyber attacks in South Africa

    CSIR Research Space (South Africa)

    Van Heerden, R

    2016-05-01

    various ATM's throughout South Africa. Two criminals, Motsoane and Masoleng, were arrested in February 2012 and both sentenced to 15 years in jail [36, 37]. 3.10 2013: IOL DDoS Anonymous Africa claimed responsibility for launching a Distributed Denial... of Service (DDoS) attack on the Independent Newspaper web site iol.co.za. The attack was in response to claims that the IOL group supports Zimbabwean president Robert Mugabe. The following taunt was sent to boast about the attack: “IOL bad boys bad boys...

  20. A Review Of Recent Cyber-Attacks In Fiji

    Directory of Open Access Journals (Sweden)

    Neeraj A. Sharma

    2015-08-01

    Computing technology has evolved in such dramatic ways that a child can use such technology and their features. Internet is one such technology which allows peripheral devices to be connected to each other creating a network to share information. In the same way information can be attacked. In this paper we will be discussing the different types of cyber-attack that recently took place in Fiji. Common attacks discussed in this review paper are phishing email scams website defacement and skimming. Apart from common preventative methods some novel recommendations have been made. We believe the Fiji experiences and recommendations will assist technology users prepare better against such attacks.

  1. Research on high power intra-channel crosstalk attack in optical networks

    Science.gov (United States)

    Ren, Shuai; Zhang, Yinfa; Wang, Jingyu; Zhang, Jumei; Rao, Xuejun; Fang, Yuanyuan

    2017-02-01

    The mechanism of high power intra-channel crosstalk attack is analyzed theoretically and the conclusion that power of attack signal and crosstalk coefficient of optical switch are the main factors for which high power intra-channel have destructive effect on quality of legitimate signals is drawn. Effects of high power intra-channel crosstalk attack on quality of legitimate signals and its capability of attack propagation are investigated quantitatively by building the simulation system in VPI software. The results show that legitimate signals through the first and the second stage optical switch are affected by attack and legitimate signal through the third stage optical switch is almost unaffected by attack when power of original attack signal (OAS) is above 20dB more than that of legitimate signals and crosstalk coefficient of optical switch is -20dB at optical cross connect 1 (OXC1). High power intra-channel crosstalk attack has a certain capability of attack propagation. Attack capability of OAS can be propagated to OXC3 when power of OAS is 27dB more than that of legitimate signals and crosstalk coefficient of optical switch is -20dB. We also find that the secondary attack signal (SAS) does not have capability of attack propagation.

  2. Intelligence and Security Standards on Industrial Facilities Protection in Case of Terrorism and Military Attack

    International Nuclear Information System (INIS)

    Stipetic, D.

    2007-01-01

    Industrial facilities, which use toxic chemicals in their production processes, are tempting targets for military and terrorist strategists. They know that these facilities when attacked could produce effects not realizable with conventional weapons. The resulting legal, policy and political consequences would be minimal as compared to that of disseminating toxic chemicals or chemical agents as weapons on enemy territory. At this time there is no clear definition of the legality or illegality of these types of actions used against specific industrial targets for the purpose of mass destruction or disruption. Without clearly defined international regulations covering these actions, we must depend solely on national defense systems. Not only are these regulations not defined, there are no implementation tools, which would be available if the various treaties (CWC/BWC) etc., were able to incorporate needed legislative action. Consequently we must depend on and put into practice defense security standards for industrial facilities for protection against both possible terrorist and military attacks. Emergency responses to incidents involving violent criminals and terrorists are extremely dangerous. Incidents involving weapons of mass destruction, firearms, and hazardous materials have resulted in the injury and death of many firefighters, police officers and medical personnel. We wish to intend display place and role of intelligence and counter intelligence system to prevention potential target and military attack. Security needs to be incorporated into the public safety culture and it must become the routine for how we operate. The recognition and identification process is an important skill that needs continual refinement. The use of transportation or facility paperwork assists in recognizing what potential hazards. A key factor in the successful command and management of a hazmat incident or terrorism event is the ability of public safety agencies to function as a

  3. Evaluation of Crosstalk Attacks in Access Networks

    DEFF Research Database (Denmark)

    Wagner, Christoph; Eiselt, Michael; Grobe, Klaus

    2016-01-01

    WDM-PON systems regained interest as low-cost solution for metro and access networks. We present a comparative analysis of resilience of wavelength-selective and wavelength-routed architectures against crosstalk attackers. We compare the vulnerability of these architectures against attacks...

  4. Optimal counterterrorism and the recruitment effect of large terrorist attacks

    DEFF Research Database (Denmark)

    Jensen, Thomas

    2011-01-01

    We analyze a simple dynamic model of the interaction between terrorists and authorities. Our primary aim is to study optimal counterterrorism and its consequences when large terrorist attacks lead to a temporary increase in terrorist recruitment. First, we show that an increase in counterterrorism makes it more likely that terrorist cells plan small rather than large attacks and therefore may increase the probability of a successful attack. Analyzing optimal counterterrorism we see that the recruitment effect makes authorities increase the level of counterterrorism after large attacks. Therefore, in periods following large attacks a new attack is more likely to be small compared to other periods. Finally, we analyze the long-run consequences of the recruitment effect. We show that it leads to more counterterrorism, more small attacks, and a higher sum of terrorism damage and counterterrorism costs...

  5. Quantitative Verification and Synthesis of Attack-Defence Scenarios Conference

    NARCIS (Netherlands)

    Aslanyan, Zaruhi; Nielson, Flemming; Parker, David

    Attack-defence trees are a powerful technique for formally evaluating attack-defence scenarios. They represent in an intuitive, graphical way the interaction between an attacker and a defender who compete in order to achieve conflicting objectives. We propose a novel framework for the formal

  6. Converging requirements and emerging challenges to public health diseases surveillance and bio surveillance

    International Nuclear Information System (INIS)

    Rao, V.; Abel, T.

    2009-01-01

    Disease surveillance systems are a critical component of an early warning system for public health agencies to prepare and respond to major public health catastrophes. With a growing emphasis for more robust early indicator and warning systems to track emerging and dangerous diseases of suspicious nature, considerable emphasis is now placed on deployment of more expanded electronic disease surveillance systems. The architectural considerations for bio surveillance information system are based on collection, analysis and dissemination of human, veterinary and agricultural related disease surveillance to broader regional areas likely to be affected in the event of an emerging disease, or due to bioterrorism and better coordinate plans, preparations and response by governmental agencies and multilateral forums. The diseases surveillance systems architectures by intent and design could as well support biological threat monitoring and threat reduction initiatives. As an illustrative sample set, this paper will describe the comparative informatics requirements for a disease surveillance systems developed by CSC for the US Centers for Diseases Control and Prevention (CDC) currently operational nationwide, and biological weapons threat assessment developed as part of the Threat Agent Detection and Response (TADR) Network under the US Biological Threat Reduction Program and deployed at Uzbekistan, Kazakhstan, Georgia, and Azerbaijan.(author)

  7. 'Cryptogenic Drop Attacks' revisited: evidence of overlap with functional neurological disorder.

    Science.gov (United States)

    Hoeritzauer, Ingrid; Carson, Alan J; Stone, Jon

    2018-02-07

    In their 1973 BMJ paper 'Cryptogenic Drop Attacks', Stevens and Matthews described 40, mostly middle-aged, female patients with drop attacks of unknown cause. Although clinically common, there has been little on this topic since. We aimed to determine clinical features, comorbidity and outcome of patients with drop attacks. We carried out a retrospective review of patients with cryptogenic drop attacks seen consecutively by one clinician (JS) between 2006 and 2016. Demographics, phenomenology, duration and frequency of attacks, attack description and comorbid diagnoses were recorded. Patients were followed up with a notes review. 83 patients with cryptogenic drop attacks were predominantly female (89%, n=79), mean age 44 years. The majority (93%, n=77) could not remember the fall itself and almost half (43%, n=36) experienced prodromal dissociative symptoms. Mechanical trips or syncope preceded drop attacks, historically, in 24% (n=20) of cases. Persistent fatigue (73%, n=61), chronic pain (40%, n=33), functional limb weakness (31%, n=26) and dissociative (non-epileptic) attacks 28% (n=23) were common, with the latter usually preceding or emerging from drop attacks. At follow-up (88%, mean 38 months), 28% (n=23) had resolution of their drop attacks. Predisposing (but non-causative) disease comorbidity was found at baseline (n=12) and follow-up (n=5). Cryptogenic drop attacks are associated with high frequency of comorbid functional somatic and functional neurological disorders. Patients commonly have prodromal dissociative symptoms and in some there was a clear relationship with prior or subsequent dissociative (non-epileptic) attacks. Some cryptogenic drop attacks may be best understood as phenomena on the spectrum of dissociative attacks. © Article author(s) (or their employer(s) unless otherwise stated in the text of the article) 2018. All rights reserved. No commercial use is permitted unless otherwise expressly granted.

  8. Optimal Patrol to Detect Attacks at Dispersed Heterogeneous Locations

    Science.gov (United States)

    2013-12-01

    solution RALP Random-attacker linear program SALP Strategic-attacker linear program SMDP Semi-Markov decision process SP Shortest path SPR1 Shortest...average cost per attack among all vertices, which we refer to as the strategic-attacker linear program ( SALP ): min x zOPT (3.1a) subject to ∑ (k,l)∈A c...the SALP is indicated by zOPT. The lower bound that is obtained from using the LBLP is indicated by zLB. Solutions obtained from using a heuristic

  9. Detecting Distributed SQL Injection Attacks in a Eucalyptus Cloud Environment

    Science.gov (United States)

    Kebert, Alan; Barnejee, Bikramjit; Solano, Juan; Solano, Wanda

    2013-01-01

    The cloud computing environment offers malicious users the ability to spawn multiple instances of cloud nodes that are similar to virtual machines, except that they can have separate external IP addresses. In this paper we demonstrate how this ability can be exploited by an attacker to distribute his/her attack, in particular SQL injection attacks, in such a way that an intrusion detection system (IDS) could fail to identify this attack. To demonstrate this, we set up a small private cloud, established a vulnerable website in one instance, and placed an IDS within the cloud to monitor the network traffic. We found that an attacker could quite easily defeat the IDS by periodically altering its IP address. To detect such an attacker, we propose to use multi-agent plan recognition, where the multiple source IPs are considered as different agents who are mounting a collaborative attack. We show that such a formulation of this problem yields a more sophisticated approach to detecting SQL injection attacks within a cloud computing environment.

  10. Can a Copycat Effect be Observed in Terrorist Suicide Attacks?

    Directory of Open Access Journals (Sweden)

    Nicholas Farnham

    2017-03-01

    The purpose of this paper is to explore how a copycat effect – established within the field of suicide studies – may manifest itself in terrorist suicide attacks, and takes an exploratory approach in evaluating the prospect of incorporating open-data resources in future counter-terrorism research. This paper explores a possible ‘copycat effect’ in cases of suicide terrorism, which entails a perpetrator being inspired by a preceding attack to carry out a similar attack not long after the original. In the wake of mounting risks of lone wolf terrorist attacks today and due to the general difficulties faced in preventing such attacks, in this paper we explore a potential area of future prevention in media reporting, security and anti-terrorism policies today. Using the START Global Terrorism Database (GTD, this paper investigates terrorist suicide-attack clusters and analyses the relationship between attacks found within the same cluster. Using a mixed-method approach, our analyses did not uncover clear evidence supporting a copycat effect among the studied attacks. These and other findings have numerous policy and future research implications.

  11. Transient Ischemic Attack

    Medline Plus

    ... major stroke. It's important to call 9-1-1 immediately for any stroke symptoms.

  12. THE REPRISAL ATTACKS BY AL-SHABAAB AGAINST KENYA

    Directory of Open Access Journals (Sweden)

    E.O.S.ODHIAMBO

    2013-10-01

    The incursion of Kenya Defence Forces (KDF) into Somalia was met by a series of threats from the Al-Shabaab that it would increase the attacks against Kenya if the troops were not withdrawn. The capture of Kismayu by KDF has weakened the nerve of Al-Shabaab but has not eliminated the imminent danger of a substantive terror attack. Since the incursion by KDF, Kenya has succumbed to a sequence of grenade and Improvised Explosive Devices attacks, roadside bombs, landmines and raids by fighters using small arms and light weapons and Rocket Propelled Grenades against Kenyans mostly in North Eastern, Coastal and Nairobi counties, marking the resurgence of terrorism in the country. We argue that Kenya is more vulnerable to Al-Shabaab terrorists attack than before the KDF incursion by citing the frequencies of reprisal attacks from October 2011 to January 2013. Hence, our troops should be withdrawn and deployed within our boundary.

  13. Thwarting Nonintrusive Occupancy Detection Attacks from Smart Meters

    Directory of Open Access Journals (Sweden)

    Dapeng Man

    2017-01-01

    Occupancy information is one of the most important privacy issues of a home. Unfortunately, an attacker is able to detect occupancy from smart meter data. The current battery-based load hiding (BLH) methods cannot solve this problem. To thwart occupancy detection attacks, we propose a framework of battery-based schemes to prevent occupancy detection (BPOD). BPOD monitors the power consumption of a home and detects the occupancy in real time. According to the detection result, BPOD modifies those statistical metrics of power consumption, which highly correlate with the occupancy by charging or discharging a battery, creating a delusion that the home is always occupied. We evaluate BPOD in a simulation using several real-world smart meter datasets. Our experiment results show that BPOD effectively prevents the threshold-based and classifier-based occupancy detection attacks. Furthermore, BPOD is also able to prevent nonintrusive appliance load monitoring attacks (NILM) as a side-effect of thwarting detection attacks.

  14. Detecting peripheral-based attacks on the host memory

    CERN Document Server

    Stewin, Patrick

    2015-01-01

    This work addresses stealthy peripheral-based attacks on host computers and presents a new approach to detecting them. Peripherals can be regarded as separate systems that have a dedicated processor and dedicated runtime memory to handle their tasks. The book addresses the problem that peripherals generally communicate with the host via the host’s main memory, storing cryptographic keys, passwords, opened files and other sensitive data in the process – an aspect attackers are quick to exploit.  Here, stealthy malicious software based on isolated micro-controllers is implemented to conduct an attack analysis, the results of which provide the basis for developing a novel runtime detector. The detector reveals stealthy peripheral-based attacks on the host’s main memory by exploiting certain hardware properties, while a permanent and resource-efficient measurement strategy ensures that the detector is also capable of detecting transient attacks, which can otherwise succeed when the applied strategy only me...

  15. Urine Telomerase for Diagnosis and Surveillance of Bladder Cancer

    Directory of Open Access Journals (Sweden)

    Angela Lamarca

    2012-01-01

    Bladder cancer has increased in incidence during the last decades. For those patients with nonmuscle involved tumors, noninvasive diagnosis tests and surveillance methods must be designed to avoid the cystoscopies that nowadays are done regularly in a lot of patients. Novel urine biomarkers have been developed during the last years. Telomerase is important in cancer biology, improving the division capacity of cancer cells. Even though urinary telomerase could be a potentially useful urinary tumor marker, its use for diagnosis of asymptomatic and symptomatic patients or its impact during surveillance is still unknown. Moreover, there will need to be uniformity and standardization in the assays before it can become useful in clinical practice. There does not seem to be a real difference between the most classical assays for the detection of urine telomerase (TRAP and hTERT). However, the new detection methods with modified TeloTAGGG telomerase or with gold nanoparticles must also be taken into consideration for the correct development of this diagnosis method. Maybe the target population would be the high-risk groups within screening programs. To date there is not enough evidence to use it alone and to eliminate cystoscopies from the diagnosis and surveillance of these patients. The combination with cytology or FISH is still preferred.

  16. Exotic mosquito threats require strategic surveillance and response planning.

    Science.gov (United States)

    Webb, Cameron E; Doggett, Stephen L

    2016-12-14

    Mosquito-borne diseases caused by endemic pathogens such as Ross River, Barmah Forest and Murray Valley encephalitis viruses are an annual concern in New South Wales (NSW), Australia. More than a dozen mosquito species have been implicated in the transmission of these pathogens, with each mosquito occupying a specialised ecological niche that influences their habitat associations, host feeding preferences and the environmental drivers of their abundance. The NSW Arbovirus Surveillance and Mosquito Monitoring Program provides an early warning system for potential outbreaks of mosquito-borne disease by tracking annual activity of these mosquitoes and their associated pathogens. Although the program will effectively track changes in local mosquito populations that may increase with a changing climate, urbanisation and wetland rehabilitation, it will be less effective with current surveillance methodologies at detecting or monitoring changes in exotic mosquito threats, where different surveillance strategies need to be used. Exotic container-inhabiting mosquitoes such as Aedes aegypti and Ae. albopictus pose a threat to NSW because they are nuisance-biting pests and vectors of pathogens such as dengue, chikungunya and Zika viruses. International movement of humans and their belongings have spread these mosquitoes to many regions of the world. In recent years, these two mosquitoes have been detected by the Australian Government Department of Agriculture and Water Resources at local airports and seaports. To target the detection of these exotic mosquitoes, new trapping technologies and networks of surveillance locations are required. Additionally, incursions of these mosquitoes into urban areas of the state will require strategic responses to minimise substantial public health and economic burdens to local communities.

  17. Why cryptography should not rely on physical attack complexity

    CERN Document Server

    Krämer, Juliane

    2015-01-01

    This book presents two practical physical attacks. It shows how attackers can reveal the secret key of symmetric as well as asymmetric cryptographic algorithms based on these attacks, and presents countermeasures on the software and the hardware level that can help to prevent them in the future. Though their theory has been known for several years now, since neither attack has yet been successfully implemented in practice, they have generally not been considered a serious threat. In short, their physical attack complexity has been overestimated and the implied security threat has been underestimated. First, the book introduces the photonic side channel, which offers not only temporal resolution, but also the highest possible spatial resolution. Due to the high cost of its initial implementation, it has not been taken seriously. The work shows both simple and differential photonic side channel analyses. Then, it presents a fault attack against pairing-based cryptography. Due to the need for at least two indepe...

  18. Surveillance of antibiotic resistance

    Science.gov (United States)

    Johnson, Alan P.

    2015-01-01

    Surveillance involves the collection and analysis of data for the detection and monitoring of threats to public health. Surveillance should also inform as to the epidemiology of the threat and its burden in the population. A further key component of surveillance is the timely feedback of data to stakeholders with a view to generating action aimed at reducing or preventing the public health threat being monitored. Surveillance of antibiotic resistance involves the collection of antibiotic susceptibility test results undertaken by microbiology laboratories on bacteria isolated from clinical samples sent for investigation. Correlation of these data with demographic and clinical data for the patient populations from whom the pathogens were isolated gives insight into the underlying epidemiology and facilitates the formulation of rational interventions aimed at reducing the burden of resistance. This article describes a range of surveillance activities that have been undertaken in the UK over a number of years, together with current interventions being implemented. These activities are not only of national importance but form part of the international response to the global threat posed by antibiotic resistance. PMID:25918439

  19. Adversarial Feature Selection Against Evasion Attacks.

    Science.gov (United States)

    Zhang, Fei; Chan, Patrick P K; Biggio, Battista; Yeung, Daniel S; Roli, Fabio

    2016-03-01

    Pattern recognition and machine learning techniques have been increasingly adopted in adversarial settings such as spam, intrusion, and malware detection, although their security against well-crafted attacks that aim to evade detection by manipulating data at test time has not yet been thoroughly assessed. While previous work has been mainly focused on devising adversary-aware classification algorithms to counter evasion attempts, only few authors have considered the impact of using reduced feature sets on classifier security against the same attacks. An interesting, preliminary result is that classifier security to evasion may be even worsened by the application of feature selection. In this paper, we provide a more detailed investigation of this aspect, shedding some light on the security properties of feature selection against evasion attacks. Inspired by previous work on adversary-aware classifiers, we propose a novel adversary-aware feature selection model that can improve classifier security against evasion attacks, by incorporating specific assumptions on the adversary's data manipulation strategy. We focus on an efficient, wrapper-based implementation of our approach, and experimentally validate its soundness on different application examples, including spam and malware detection.

  20. Trojan-horse attacks on quantum-key-distribution systems

    International Nuclear Information System (INIS)

    Gisin, N.; Fasel, S.; Kraus, B.; Zbinden, H.; Ribordy, G.

    2006-01-01

    General Trojan-horse attacks on quantum-key-distribution systems, i.e., attacks on Alice or Bob's system via the quantum channel, are analyzed. We illustrate the power of such attacks with today's technology and conclude that all systems must implement active counter measures. In particular, all systems must include an auxiliary detector that monitors any incoming light. We show that such counter measures can be efficient, provided that enough additional privacy amplification is applied to the data. We present a practical way to reduce the maximal information gain that an adversary can gain using Trojan-horse attacks. This does reduce the security analysis of the two-way plug-and-play implementation to those of the standard one-way systems.