342 resultados para Speculative attacks
Resumo:
While formal definitions and security proofs are well established in some fields like cryptography and steganography, they are not as evident in digital watermarking research. A systematic development of watermarking schemes is desirable, but at present their development is usually informal, ad hoc, and omits the complete realization of application scenarios. This practice not only hinders the choice and use of a suitable scheme for a watermarking application, but also leads to debate about the state-of-the-art for different watermarking applications. With a view to the systematic development of watermarking schemes, we present a formal generic model for digital image watermarking. Considering possible inputs, outputs, and component functions, the initial construction of a basic watermarking model is developed further to incorporate the use of keys. On the basis of our proposed model, fundamental watermarking properties are defined and their importance exemplified for different image applications. We also define a set of possible attacks using our model showing different winning scenarios depending on the adversary capabilities. It is envisaged that with a proper consideration of watermarking properties and adversary actions in different image applications, use of the proposed model would allow a unified treatment of all practically meaningful variants of watermarking schemes.
Resumo:
Compression is desirable for network applications as it saves bandwidth; however, when data is compressed before being encrypted, the amount of compression leaks information about the amount of redundancy in the plaintext. This side channel has led to successful CRIME and BREACH attacks on web traffic protected by the Transport Layer Security (TLS) protocol. The general guidance in light of these attacks has been to disable compression, preserving confidentiality but sacrificing bandwidth. In this paper, we examine two techniques - heuristic separation of secrets and fixed-dictionary compression|for enabling compression while protecting high-value secrets, such as cookies, from attack. We model the security offered by these techniques and report on the amount of compressibility that they can achieve.
Resumo:
The Distributed Network Protocol v3.0 (DNP3) is one of the most widely used protocols, to control national infrastructure. Widely used interactive packet manipulation tools, such as Scapy, have not yet been augmented to parse and create DNP3 frames (Biondi 2014). In this paper we extend Scapy to include DNP3, thus allowing us to perform attacks on DNP3 in real-time. Our contribution builds on East et al. (2009), who proposed a range of possible attacks on DNP3. We implement several of these attacks to validate our DNP3 extension to Scapy, then executed the attacks on real world equipment. We present our results, showing that many of these theoretical attacks would be unsuccessful in an Ethernet-based network.
Resumo:
Recently Gao et al. proposed a lightweight RFID mutual authentication protocol [3] to resist against intermittent position trace attacks and desynchronization attacks and called it RIPTA-DA. They also verified their protocol’s security by data reduction method with the learning parity with noise (LPN) and also formally verified the functionality of the proposed scheme by Colored Petri Nets. In this paper, we investigate RIPTA-DA’s security. We present an efficient secret disclosure attack against the protocol which can be used to mount both de-synchronization and traceability attacks against the protocol. Thus our attacks show that RIPTA-DA protocol is not a RIPTA-DA.
Resumo:
An intrinsic challenge associated with evaluating proposed techniques for detecting Distributed Denial-of-Service (DDoS) attacks and distinguishing them from Flash Events (FEs) is the extreme scarcity of publicly available real-word traffic traces. Those available are either heavily anonymised or too old to accurately reflect the current trends in DDoS attacks and FEs. This paper proposes a traffic generation and testbed framework for synthetically generating different types of realistic DDoS attacks, FEs and other benign traffic traces, and monitoring their effects on the target. Using only modest hardware resources, the proposed framework, consisting of a customised software traffic generator, ‘Botloader’, is capable of generating a configurable mix of two-way traffic, for emulating either large-scale DDoS attacks, FEs or benign traffic traces that are experimentally reproducible. Botloader uses IP-aliasing, a well-known technique available on most computing platforms, to create thousands of interactive UDP/TCP endpoints on a single computer, each bound to a unique IP-address, to emulate large numbers of simultaneous attackers or benign clients.
Resumo:
Urban planning policies in Australia presuppose apartments as the new dominant housing type, but much of what the market has delivered is criticised as over-development, and as being generic, poorly-designed, environmentally unsustainable and unaffordable. Policy responses to this problem typically focus on planning regulation and construction costs as the primary issues needing to be addressed in order to increase the supply of quality, affordable apartment housing. In contrast, this paper uses Ball’s (1983) ‘structures of provision’ approach to outline the key processes informing apartment development and identifies a substantial gap in critical understanding of how apartments are developed in Australia. This reveals economic problems not typically considered by policymakers. Using mainstream economic analysis to review the market itself, the authors found high search costs, demand risk, problems with exchange, and lack of competition present key barriers to achieving greater affordability and limit the extent to which ‘speculative’ developers can respond to the preferences of would be owner-occupiers of apartments. The existing development model, which is reliant on capturing uplift in site value, suits investors seeking rental yields in the first instance and capital gains in the second instance, and actively encourages housing price inflation. This is exacerbated by lack of density restrictions, such as have existed in inner Melbourne for many years, which permits greater yields on redevelopment sites. The price of land in the vicinity of such redevelopment sites is pushed up as landholders' expectation of future yield is raised. All too frequently existing redevelopment sites go back onto the market as vendors seek to capture the uplift in site value and exit the project in a risk free manner...
Resumo:
In this paper, we analyse a block cipher mode of operation submitted in 2014 to the cryptographic competition for authenticated encryption (CAESAR). This mode is designed by Recacha and called ++AE (plus-plus-ae). We propose a chosen plaintext forgery attack on ++AE that requires only a single chosen message query to allow an attacker to construct multiple forged messages. Our attack is deterministic and guaranteed to pass ++AE integrity check. We demonstrate the forgery attack using 128-bit AES as the underlying block cipher. Hence, ++AE is insecure as an authenticated encryption mode of operation.
Resumo:
In this work, we examine unbalanced computation between an initiator and a responder that leads to resource exhaustion attacks in key exchange protocols. We construct models for two cryp-tographic protocols; one is the well-known Internet protocol named Secure Socket Layer (SSL) protocol, and the other one is the Host Identity Protocol (HIP) which has built-in DoS-resistant mechanisms. To examine such protocols, we develop a formal framework based on Timed Coloured Petri Nets (Timed CPNs) and use a simulation approach provided in CPN Tools to achieve a formal analysis. By adopting the key idea of Meadows' cost-based framework and re¯ning the de¯nition of operational costs during the protocol execution, our simulation provides an accurate cost estimate of protocol execution compar- ing among principals, as well as the percentage of successful connections from legitimate users, under four di®erent strategies of DoS attack.
Resumo:
Supervisory Control And Data Acquisition (SCADA) systems are widely used in the management of critical infrastructure such as electricity and water distrubution systems. Currently there is little understanding of how to best protect SCADA systems from malicious attacks. We review the constraints and requirements for SCADA security and propose a suitable architecture (SKMA) for secure SCADA communications. The architecture includes a proposed key management protocol (SKMP). We compare the architecture with a previous proposal from Sandia Labs.
Resumo:
Bomb attacks carried out by terrorists, targeting high occupancy buildings, have become increasingly common in recent times. Large numbers of casualties and property damage result from overpressure of the blast followed by failing of structural elements. Understanding the blast response of multi-storey buildings and evaluating their remaining life have therefore become important. Response and damage analysis of single structural components, such as columns or slabs, to explosive loads have been examined in the literature, but the studies on blast response and damage analysis of structural frames in multi-storey buildings is limited and this is necessary for assessing the vulnerability of them. This paper investigates the blast response and damage evaluation of reinforced concrete (RC) frames, designed for normal gravity loads, in order to evaluate their remaining life. Numerical modelling and analysis were carried out using the explicit finite element software, LS DYNA. The modelling and analysis takes into consideration reinforcement details together and material performance under higher strain rates. Damage indices for columns are calculated based on their residual and original capacities. Numerical results generated in the can be used to identify relationships between the blast load parameters and the column damage. Damage index curve will provide a simple means for assessing the damage to a typical multi-storey building RC frame under an external bomb circumstance.
Resumo:
In this study, Lampert examines how cultural identities are constructed within fictional texts for young people written about the attacks on the Twin Towers. It identifi es three significant identity categories encoded in 9/11 books for children:ethnic identities, national identities, and heroic identities,arguing that the identities formed within the selected children’s texts are in flux, privileging performances of identities that are contingent on post-9/11 politics. Looking at texts including picture books, young adult fiction, and a selection of DC Comics, Lampert finds in post-9/11 children’s literature a co-mingling of xenophobia and tolerance; a binaried competition between good and evil and global harmony and national insularity; and a lauding of both the commonplace hero and the super-human. The shifting identities evident in texts that are being produced for children about 9/11 offer implicit and explicit accounts of what constitutes good citizenship, loyalty to nation and community, and desirable attributes in a Western post-9/11 context. This book makes an original contribution to the field of children’s literature by providing a focused and sustained analysis of how texts for children about 9/11 contribute to formations of identity in these complex times of cultural unease and global unrest.
Resumo:
The picturesque aesthetic in the work of Sir John Soane, architect and collector, resonates in the major work of his very personal practice – the development of his house museum, now the Soane Museum in Lincoln’s Inn Fields in London. Soane was actively involved with the debates, practices and proponents of picturesque and classical practices in architecture and landscape and his lectures reveal these influences in the making of The Soane, which was built to contain and present diverse collections of classical and contemporary art and architecture alongside scavenged curiosities. The Soane Museum has been described as a picturesque landscape, where a pictorial style, together with a carefully defined itinerary, has resulted in the ‘apotheosis of the Picturesque interior’. Soane also experimented with making mock ruinscapes within gardens, which led him to construct faux architectures alluding to archaeological practices based upon the ruin and the fragment. These ideas framed the making of interior landscapes expressed through spatial juxtapositions of room and corridor furnished with the collected object that characterise The Soane Museum. This paper is a personal journey through the Museum which describes and then reviews aspects of Soane’s work in the context of contemporary theories on ‘new’ museology. It describes the underpinning picturesque practices that Soane employed to exceed the boundaries between interior and exterior landscapes and the collection. It then applies particular picturesque principles drawn from visiting The Soane to a speculative project for a house/landscape museum for the Oratunga historic property in outback South Australia, where the often, normalising effects of conservation practices are reviewed using minimal architectural intervention through a celebration of ruinous states.
Resumo:
We treat the security of group key exchange (GKE) in the universal composability (UC) framework. Analyzing GKE protocols in the UC framework naturally addresses attacks by malicious insiders. We define an ideal functionality for GKE that captures contributiveness in addition to other desired security goals. We show that an efficient two-round protocol securely realizes the proposed functionality in the random oracle model. As a result, we obtain the most efficient UC-secure contributory GKE protocol known.
