300 resultados para Algebraic attack


Relevância:

10.00% 10.00%

Publicador:

Resumo:

Using Media-Access-Control (MAC) address for data collection and tracking is a capable and cost effective approach as the traditional ways such as surveys and video surveillance have numerous drawbacks and limitations. Positioning cell-phones by Global System for Mobile communication was considered an attack on people's privacy. MAC addresses just keep a unique log of a WiFi or Bluetooth enabled device for connecting to another device that has not potential privacy infringements. This paper presents the use of MAC address data collection approach for analysis of spatio-temporal dynamics of human in terms of shared space utilization. This paper firstly discuses the critical challenges and key benefits of MAC address data as a tracking technology for monitoring human movement. Here, proximity-based MAC address tracking is postulated as an effective methodology for analysing the complex spatio-temporal dynamics of human movements at shared zones such as lounge and office areas. A case study of university staff lounge area is described in detail and results indicates a significant added value of the methodology for human movement tracking. By analysis of MAC address data in the study area, clear statistics such as staff’s utilisation frequency, utilisation peak periods, and staff time spent is obtained. The analyses also reveal staff’s socialising profiles in terms of group and solo gathering. The paper is concluded with a discussion on why MAC address tracking offers significant advantages for tracking human behaviour in terms of shared space utilisation with respect to other and more prominent technologies, and outlines some of its remaining deficiencies.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

Recently a convex hull based human identification protocol was proposed by Sobrado and Birget, whose steps can be performed by humans without additional aid. The main part of the protocol involves the user mentally forming a convex hull of secret icons in a set of graphical icons and then clicking randomly within this convex hull. In this paper we show two efficient probabilistic attacks on this protocol which reveal the user’s secret after the observation of only a handful of authentication sessions. We show that while the first attack can be mitigated through appropriately chosen values of system parameters, the second attack succeeds with a non-negligible probability even with large system parameter values which cross the threshold of usability.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

Phishing, a form of on-line identity theft, is a major problem worldwide, accounting for more than $7.5 Billion in losses in the US alone between 2005 and 2008. Australia was the first country to be targeted by Internet bank phishing in 2003 and continues to have a significant problem in this area. The major cyber crime groups responsible for phishing are based in Eastern Europe. They operate with a large degree of freedom due to the inherent difficulties in cross border law enforcement and the current situation in Eastern Europe, particularly in Russia and the Ukraine. They employ highly sophisticated and efficient technical tools to compromise victims and subvert bank authentication systems. However because it is difficult for them to repatriate the fraudulently obtained funds directly they employ Internet money mules in Australia to transfer the money via Western Union or Money gram. It is proposed a strategy, which firstly places more focus by Australian law enforcement upon transactions via Western Union and Money gram to detect this money laundering, would significantly impact the success of the Phishing attack model. This combined with a technical monitoring of Trojan technology and education of potential Internet money mules to avoid being duped would provide a winning strategy for the war on phishing for Australia.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

Recently, botnet, a network of compromised computers, has been recognized as the biggest threat to the Internet. The bots in a botnet communicate with the botnet owner via a communication channel called Command and Control (C & C) channel. There are three main C & C channels: Internet Relay Chat (IRC), Peer-to-Peer (P2P) and web-based protocols. By exploiting the flexibility of the Web 2.0 technology, the web-based botnet has reached a new level of sophistication. In August 2009, such botnet was found on Twitter, one of the most popular Web 2.0 services. In this paper, we will describe a new type of botnet that uses Web 2.0 service as a C & C channel and a temporary storage for their stolen information. We will then propose a novel approach to thwart this type of attack. Our method applies a unique identifier of the computer, an encryption algorithm with session keys and a CAPTCHA verification.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

We propose a new protocol providing cryptographically secure authentication to unaided humans against passive adversaries. We also propose a new generic passive attack on human identification protocols. The attack is an application of Coppersmith’s baby-step giant-step algorithm on human identification protcols. Under this attack, the achievable security of some of the best candidates for human identification protocols in the literature is further reduced. We show that our protocol preserves similar usability while achieves better security than these protocols. A comprehensive security analysis is provided which suggests parameters guaranteeing desired levels of security.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

Recently a new human authentication scheme called PAS (predicate-based authentication service) was proposed, which does not require the assistance of any supplementary device. The main security claim of PAS is to resist passive adversaries who can observe the whole authentication session between the human user and the remote server. In this paper we show that PAS is insecure against both brute force attack and a probabilistic attack. In particular, we show that its security against brute force attack was strongly overestimated. Furthermore, we introduce a probabilistic attack, which can break part of the password even with a very small number of observed authentication sessions. Although the proposed attack cannot completely break the password, it can downgrade the PAS system to a much weaker system similar to common OTP (one-time password) systems.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

Current military conflicts are characterized by the use of the improvised explosive device. Improvements in personal protection, medical care, and evacuation logistics have resulted in increasing numbers of casualties surviving with complex musculoskeletal injuries, often leading to lifelong disability. Thus, there exists an urgent requirement to investigate the mechanism of extremity injury caused by these devices in order to develop mitigation strategies. In addition, the wounds of war are no longer restricted to the battlefield; similar injuries can be witnessed in civilian centers following a terrorist attack. Key to understanding such mechanisms of injury is the ability to deconstruct the complexities of an explosive event into a controlled, laboratory-based environment. In this article, a traumatic injury simulator, designed to recreate in the laboratory the impulse that is transferred to the lower extremity from an anti-vehicle explosion, is presented and characterized experimentally and numerically. Tests with instrumented cadaveric limbs were then conducted to assess the simulator’s ability to interact with the human in two mounting conditions, simulating typical seated and standing vehicle passengers. This experimental device will now allow us to (a) gain comprehensive understanding of the load-transfer mechanisms through the lower limb, (b) characterize the dissipating capacity of mitigation technologies, and (c) assess the bio-fidelity of surrogates.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

The lower limb of military vehicle occupants has been the most injured body part due to undervehicle explosions in recent conflicts. Understanding the injury mechanism and causality of injury severity could aid in developing better protection. Therefore, we tested 4 different occupant postures (seated, brace, standing, standing with knee locked in hyper‐extension) in a simulated under‐vehicle explosion (solid blast) using our traumatic injury simulator in the laboratory; we hypothesised that occupant posture would affect injury severity. No skeletal injury was observed in the specimens in seated and braced postures. Severe, impairing injuries were observed in the foot of standing and hyper‐extended specimens. These results demonstrate that a vehicle occupant whose posture at the time of the attack incorporates knee flexion is more likely to be protected against severe skeletal injury to the lower leg.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

In the current market, extensive software development is taking place and the software industry is thriving. Major software giants have stated source code theft as a major threat to revenues. By inserting an identity-establishing watermark in the source code, a company can prove it's ownership over the source code. In this paper, we propose a watermarking scheme for C/C++ source codes by exploiting the language restrictions. If a function calls another function, the latter needs to be defined in the code before the former, unless one uses function pre-declarations. We embed the watermark in the code by imposing an ordering on the mutually independent functions by introducing bogus dependency. Removal of dependency by the attacker to erase the watermark requires extensive manual intervention thereby making the attack infeasible. The scheme is also secure against subtractive and additive attacks. Using our watermarking scheme, an n-bit watermark can be embedded in a program having n independent functions. The scheme is implemented on several sample codes and performance changes are analyzed.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

A dynamic accumulator is an algorithm, which gathers together a large set of elements into a constant-size value such that for a given element accumulated, there is a witness confirming that the element was indeed included into the value, with a property that accumulated elements can be dynamically added and deleted into/from the original set such that the cost of an addition or deletion operation is independent of the number of accumulated elements. Although the first accumulator was presented ten years ago, there is still no standard formal definition of accumulators. In this paper, we generalize formal definitions for accumulators, formulate a security game for dynamic accumulators so-called Chosen Element Attack (CEA), and propose a new dynamic accumulator for batch updates based on the Paillier cryptosystem. Our construction makes a batch of update operations at unit cost. We prove its security under the extended strong RSA (es-RSA) assumption

Relevância:

10.00% 10.00%

Publicador:

Resumo:

In moderate to high sea states, the effectiveness of ship fin stabilizers can severely deteriorate due to nonlinear effects arising from unsteady hydrodynamic characteristics of the fins: dynamic stall. These nonlinear effects take the form of a hysteresis, and they become very significant when the effective angle of attack of the fins exceeds a certain threshold angle. Dynamic stall can result in a complete loss of control action depending on how much the fins exceed the threshold angle. When this is detected, it is common to reduce the gain of the controller that commands the fins. This approach is cautious and tends to reduce performance when the conditions leading to dynamic stall disappear. An alternative approach for preventing the effects while keeping high performance, consists of estimating the effective angle of attack and set a conservative constraint on it as part of the control objectives. In this paper, we investigate the latter approach, and propose the use of a model predictive control (MPC) to prevent the development of these nonlinear effects by considering constraints on both the mechanical angle of the fins and the effective angle of attack.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

In this paper, we consider the problem of position regulation of a class of underactuated rigid-body vehicles that operate within a gravitational field and have fully-actuated attitude. The control objective is to regulate the vehicle position to a manifold of dimension equal to the underactuation degree. We address the problem using Port-Hamiltonian theory, and reduce the associated matching PDEs to a set of algebraic equations using a kinematic identity. The resulting method for control design is constructive. The point within the manifold to which the position is regulated is determined by the action of the potential field and the geometry of the manifold. We illustrate the performance of the controller for an unmanned aerial vehicle with underactuation degree two-a quadrotor helicopter.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

The unimolecular reactivities of a range of perbenzoate anions (X-C6H5CO3-), including the perbenzoate anion itself (X=H), nitroperbenzoates (X=para-, meta-, ortho-NO2), and methoxyperbenzoates (X=para-, meta-OCH3) were investigated in the gas phase by electrospray ionization tandem mass spectrometry. The collision-induced dissociation mass spectra of these compounds reveal product ions consistent with a major loss of carbon dioxide requiring unimolecular rearrangement of the perbenzoate anion prior to fragmentation. Isotopic labeling of the perbenzoate anion supports rearrangement via an initial nucleophilic aromatic substitution at the ortho carbon of the benzene ring, while data from substituted perbenzoates indicate that nucleophilic attack at the ipso carbon can be induced in the presence of electron-withdrawing moieties at the ortho and para positions. Electronic structure calculations carried out at the B3LYP/6311++G(d,p) level of theory reveal two competing reaction pathways for decarboxylation of perbenzoate anions via initial nucleophilic substitution at the ortho and ipso positions, respectively. Somewhat surprisingly, however, the computational data indicate that the reaction proceeds in both instances via epoxidation of the benzene ring with decarboxylation resulting-at least initially-in the formation of oxepin or benzene oxide anions rather than the energetically favored phenoxide anion. As such, this novel rearrangement of perbenzoate anions provides an intriguing new pathway for epoxidation of the usually inert benzene ring.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

In the developing digital economy, the notion of traditional attack on enterprises of national significance or interest has transcended into different modes of electronic attack, surpassing accepted traditional forms of physical attack upon a target. The terrorist attacks that took place in the United States on September 11, 2001 demonstrated the physical devastation that could occur if any nation were the target of a large-scale terrorist attack. Therefore, there is a need to protect criticalnational infrastructure and critical information infrastructure. In particular,this protection is crucial for the proper functioning of a modern society and for a government to fulfill one of its most important prerogatives – namely, the protection of its people. Computer networks have many benefits that governments, corporations, and individuals alike take advantage of in order to promote and perform their duties and roles. Today, there is almost complete dependence on private sector telecommunication infrastructures and the associated computer hardware and software systems.1 These infrastructures and systems even support government and defense activity.2 This Article discusses possible attacks on critical information infrastructures and the government reactions to these attacks.

Relevância:

10.00% 10.00%

Publicador:

Resumo:

The hydrolysis of triasulfuron, metsulfuron-methyl and chlorsulfuron in aqueous buffer solutions and in soil suspensions at pH values ranging from 5.2 to 11.2 was investigated. Hydrolysis of all three compounds in both aqueous buffer and soil suspensions was highly pH-sensitive. The rate of hydrolysis was much faster in the acidic pH range (5.2-6.2) than under neutral and moderately alkaline conditions (8.2-9.4), but it increased rapidly as the pH exceeded 10.2. All three compounds degraded faster at pH 5.2 than at pH 11.2. Hydrolysis rates of all three compounds could be described well with pseudo-first-order kinetics. There were no significant differences (P =0.05) in the rate constants (k, day-1) of the three compounds in soil suspensions from those in buffer solutions within the pH ranges studied. A functional relationship based on the propensity of nonionic and anionic species of the herbicides to hydrolyse was used to describe the dependence of the 'rate constant' on pH. The hydrolysis involving attack by neutral water was at least 100-fold faster when the sulfonylurea herbicides were undissociated (acidic conditions) than when they were present as the anion at near neutral pH. In aqueous buffer solution at pH > 11, a prominent degradation pathway involved O-demethylation of metsulfuron-methyl to yield a highly polar degradate, and hydrolytic opening of the triazine ring. It is concluded that these herbicides are not likely to degrade substantially through hydrolysis in most agricultural (C) 2000 Society of Chemical Industry.