260 resultados para Sulfate Attack
Resumo:
LEX is a stream cipher that progressed to Phase 3 of the eSTREAM stream cipher project. In this paper, we show that the security of LEX against algebraic attacks relies on a small equation system not being solvable faster than exhaustive search. We use the byte leakage in LEX to construct a system of 21 equa- tions in 17 variables. This is very close to the require- ment for an efficient attack, i.e. a system containing 16 variables. The system requires only 36 bytes of keystream, which is very low.
Resumo:
This paper provides a fresh analysis of the widely-used Common Scrambling Algorithm Stream Cipher (CSA-SC). Firstly, a new representation of CSA-SC with a state size of only 89 bits is given, a significant reduction from the 103 bit state of a previous CSA-SC representation. Analysis of this 89-bit representation demonstrates that the basis of a previous guess-and-determine attack is flawed. Correcting this flaw increases the complexity of that attack so that it is worse than exhaustive key search. Although that attack is not feasible, the reduced state size of our representation makes it obvious that CSA-SC is vulnerable to several generic attacks, for which feasible parameters are given.
Resumo:
Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems have recently been added to the already wide collection of wireless sensor networks applications. The PCS/SCADA environment is somewhat more amenable to the use of heavy cryptographic mechanisms such as public key cryptography than other sensor application environments. The sensor nodes in the environment, however, are still open to devastating attacks such as node capture, which makes designing a secure key management challenging. In this paper, a key management scheme is proposed to defeat node capture attack by offering both forward and backward secrecies. Our scheme overcomes the pitfalls which Nilsson et al.'s scheme suffers from, and is not more expensive than their scheme.
Resumo:
This paper introduces fast algorithms for performing group operations on twisted Edwards curves, pushing the recent speed limits of Elliptic Curve Cryptography (ECC) forward in a wide range of applications. Notably, the new addition algorithm uses for suitably selected curve constants. In comparison, the fastest point addition algorithms for (twisted) Edwards curves stated in the literature use . It is also shown that the new addition algorithm can be implemented with four processors dropping the effective cost to . This implies an effective speed increase by the full factor of 4 over the sequential case. Our results allow faster implementation of elliptic curve scalar multiplication. In addition, the new point addition algorithm can be used to provide a natural protection from side channel attacks based on simple power analysis (SPA).
Resumo:
This paper improves implementation techniques of Elliptic Curve Cryptography. We introduce new formulae and algorithms for the group law on Jacobi quartic, Jacobi intersection, Edwards, and Hessian curves. The proposed formulae and algorithms can save time in suitable point representations. To support our claims, a cost comparison is made with classic scalar multiplication algorithms using previous and current operation counts. Most notably, the best speeds are obtained from Jacobi quartic curves which provide the fastest timings for most scalar multiplication strategies benefiting from the proposed 12M + 5S + 1D point doubling and 7M + 3S + 1D point addition algorithms. Furthermore, the new addition algorithm provides an efficient way to protect against side channel attacks which are based on simple power analysis (SPA). Keywords: Efficient elliptic curve arithmetic,unified addition, side channel attack.
Resumo:
The role that heparanase plays during metastasis and angiogenesis in tumors makes it an attractive target for cancer therapeutics. Despite this enzyme’s significance, most of the assays developed to measure its activity are complex. Moreover, they usually rely on labeling variable preparations of the natural substrate heparan sulfate, making comparisons across studies precarious. To overcome these problems, we have developed a convenient assay based on the cleavage of the synthetic heparin oligosaccharide fondaparinux. The assay measures the appearance of the disaccharide product of heparanase-catalyzed fondaparinux cleavage colorimetrically using the tetrazolium salt WST-1. Because this assay has a homogeneous substrate with a single point of cleavage, the kinetics of the enzyme can be reliably characterized, giving a Km of 46 μM and a kcat of 3.5 s−1 with fondaparinux as substrate. The inhibition of heparanase by the published inhibitor, PI-88, was also studied, and a Ki of 7.9 nM was determined. The simplicity and robustness of this method, should, not only greatly assist routine assay of heparanase activity but also could be adapted for high-throughput screening of compound libraries, with the data generated being directly comparable across studies.
Resumo:
Landscape in Australian multi-unit residential developments has passed through a number of phases. Can we make the successes more intentional than serendipitous? When did the block of flats become renamed "multi-unit residential"? Perhaps it coincided with a realization by Australians that medium - and high-density urban housing was neither an attack on the quarter-acre block nor a synonym for public housing. Higher densities allow people to participate in the city, and the expansion of unit-based housing represents Australians' growing love of cities for their urban and cosmopolitan values. As our attitude to the city has changed, so have the types of multi-unit residential stock changed - in their spatial qualities as well as their role in the landscape.
Resumo:
Monitoring unused or dark IP addresses offers opportunities to extract useful information about both on-going and new attack patterns. In recent years, different techniques have been used to analyze such traffic including sequential analysis where a change in traffic behavior, for example change in mean, is used as an indication of malicious activity. Change points themselves say little about detected change; further data processing is necessary for the extraction of useful information and to identify the exact cause of the detected change which is limited due to the size and nature of observed traffic. In this paper, we address the problem of analyzing a large volume of such traffic by correlating change points identified in different traffic parameters. The significance of the proposed technique is two-fold. Firstly, automatic extraction of information related to change points by correlating change points detected across multiple traffic parameters. Secondly, validation of the detected change point by the simultaneous presence of another change point in a different parameter. Using a real network trace collected from unused IP addresses, we demonstrate that the proposed technique enables us to not only validate the change point but also extract useful information about the causes of change points.
Resumo:
This research investigates wireless intrusion detection techniques for detecting attacks on IEEE 802.11i Robust Secure Networks (RSNs). Despite using a variety of comprehensive preventative security measures, the RSNs remain vulnerable to a number of attacks. Failure of preventative measures to address all RSN vulnerabilities dictates the need for a comprehensive monitoring capability to detect all attacks on RSNs and also to proactively address potential security vulnerabilities by detecting security policy violations in the WLAN. This research proposes novel wireless intrusion detection techniques to address these monitoring requirements and also studies correlation of the generated alarms across wireless intrusion detection system (WIDS) sensors and the detection techniques themselves for greater reliability and robustness. The specific outcomes of this research are: A comprehensive review of the outstanding vulnerabilities and attacks in IEEE 802.11i RSNs. A comprehensive review of the wireless intrusion detection techniques currently available for detecting attacks on RSNs. Identification of the drawbacks and limitations of the currently available wireless intrusion detection techniques in detecting attacks on RSNs. Development of three novel wireless intrusion detection techniques for detecting RSN attacks and security policy violations in RSNs. Development of algorithms for each novel intrusion detection technique to correlate alarms across distributed sensors of a WIDS. Development of an algorithm for automatic attack scenario detection using cross detection technique correlation. Development of an algorithm to automatically assign priority to the detected attack scenario using cross detection technique correlation.
Resumo:
Science has been under attack in the last thirty years, and recently a number of prominent scientists have been busy fighting back. Here, an argument is presented that the `science wars' stem from an unreasonably strict adherence to the reductive method on the part of science, but that weakening this stance need not imply a lapse into subjectivity. One possible method for formalising the description of non-separable, contextually dependent complex systems is presented. This is based upon a quantum-like approach.
Resumo:
Raman spectra of pseudojohannite were studied and related to the structure of the mineral. Observed bands were assigned to the stretching and bending vibrations of (UO2)2+ and (SO4)2- units and of water molecules. The published formula of pseudojohannite is Cu6.5(UO2)8\[O8](OH)5\[(SO4)4].25H2O; however Raman spectroscopy does not detect any hydroxyl units. Raman bands at 805 and 810 cm-1 are assigned to (UO2)2+ stretching modes. The Raman bands at 1017 and 1100 cm-1 are assigned to the (SO4)2- symmetric and antisymmetric stretching vibrations. The three Raman bands at 423, 465 and 496 cm-1 are assigned to the (SO4)2- ν2 bending modes. The bands at 210 and 279 cm-1 are assigned to the doubly degenerate ν2 bending vibration of the (UO2)2+ units. U-O bond lengths in uranyl and O-H…O hydrogen bond lengths were calculated from the Raman and infrared spectra.
Resumo:
Background : Migraine is a common cause of disability. Many subjects (30 – 40%) do not respond to the 5-HT 1B/1D agonists (the triptans) commonly used in the treatment of migraine attacks. Calcitonin gene-related protein (CGRP) receptor antagonism is a new approach to the treatment of migraine attacks. Objectives/methods : This evaluation is of a Phase III clinical trial comparing telcagepant, an orally active CGRP receptor antagonist, with zolmitriptan in subjects during an attack of migraine. Results : Telcagepant 300 mg has a similar efficacy to zolmitriptan in relieving pain, phonophobia, photophobia, and nausea. Telcagepant was better tolerated than zolmitriptan. Conclusions : The initial Phase III clinical trial results with telcagepant are promising but several further clinical trials are needed to determine the place of telcagepant in the treatment of migraine attacks
Resumo:
Insulin-like growth factor binding proteins (IGFBPs) are prime regulators of IGF-action in numerous cell types including the retinal pigment epithelium (RPE). The RPE performs several functions essential for vision, including growth factor secretion and waste removal via a phagocytic process mediated in part by vitronectin (Vn). In the course of studying the effects of IGFBPs on IGF-mediated VEGF secretion and Vn-mediated phagocytosis in the RPE cell line ARPE-19, we have discovered that these cells avidly ingest synthetic microspheres (2.0 μm diameter) coated with IGFBPs. Given the novelty of this finding and the established role for endocytosis in mediating IGFBP actions in other cell types, we have explored the potential role of candidate cell surface receptors. Moreover, we have examined the role of key IGFBP structural motifs, by comparing responses to three members of the IGFBP family (IGFBP-3, IGFBP-4 and IGFBP-5) which display overlapping variations in primary structure and glycosylation status. Coating of microspheres (FluoSpheres®, sulfate modified polystyrene filled with a fluorophore) was conducted at 37 °C for 1 h using 20 μg/mL of test protein, followed by extensive washing. Binding of proteins was confirmed using a microBCA assay. The negative control consisted of microspheres treated with 0.1% bovine serum albumin (BSA), and all test samples were post-treated with BSA in an effort to coat any remaining free protein binding sites, which might otherwise encourage non-specific interactions with the cell surface. Serum-starved cultures of ARPE-19 cells were incubated with microspheres for 24 h, using a ratio of approximately 100 microspheres per cell. Uptake of microspheres was quantified using a fluorometer and was confirmed visually by confocal fluorescence microscopy. The ARPE-19 cells displayed little affinity for BSA-treated microspheres, but avidly ingested large quantities of those pre-treated with Vn (ANOVA; p < 0.001). Strong responses were also observed towards recombinant formulations of non-glycosylated IGFBP-3, glycosylated IGFBP-3 and glycosylated IGFBP-5 (all p < 0.001), while glycosylated IGFBP-4 induced a relatively minor response (p < 0.05). The response to IGFBP-3 was unaffected in the presence of excess soluble IGFBP-3, IGF-I or Vn. Likewise, soluble IGFBP-3 did not induce uptake of BSA-treated microspheres. Antibodies to either the transferrin receptor or type 1 IGF-receptor displayed slight inhibitory effects on responses to IGFBPs and Vn. Heparin abolished responses to Vn, IGFBP-5 and non-glycosylated IGFBP-3, but only partially inhibited the response to glycosylated IGFBP-3. Our results demonstrate for the first time IGFBP-mediated endocytosis in ARPE-19 cells and suggest roles for the IGFBP-heparin-binding domain and glycosylation status. These findings have important implications for understanding the mechanisms of IGFBP actions on the RPE, and in particular suggest a role for IGFBP-endocytosis.
Resumo:
Buffer overflow vulnerabilities continue to prevail and the sophistication of attacks targeting these vulnerabilities is continuously increasing. As a successful attack of this type has the potential to completely compromise the integrity of the targeted host, early detection is vital. This thesis examines generic approaches for detecting executable payload attacks, without prior knowledge of the implementation of the attack, in such a way that new and previously unseen attacks are detectable. Executable payloads are analysed in detail for attacks targeting the Linux and Windows operating systems executing on an Intel IA-32 architecture. The execution flow of attack payloads are analysed and a generic model of execution is examined. A novel classification scheme for executable attack payloads is presented which allows for characterisation of executable payloads and facilitates vulnerability and threat assessments, and intrusion detection capability assessments for intrusion detection systems. An intrusion detection capability assessment may be utilised to determine whether or not a deployed system is able to detect a specific attack and to identify requirements for intrusion detection functionality for the development of new detection methods. Two novel detection methods are presented capable of detecting new and previously unseen executable attack payloads. The detection methods are capable of identifying and enumerating the executable payload’s interactions with the operating system on the targeted host at the time of compromise. The detection methods are further validated using real world data including executable payload attacks.
Resumo:
Monitoring Internet traffic is critical in order to acquire a good understanding of threats to computer and network security and in designing efficient computer security systems. Researchers and network administrators have applied several approaches to monitoring traffic for malicious content. These techniques include monitoring network components, aggregating IDS alerts, and monitoring unused IP address spaces. Another method for monitoring and analyzing malicious traffic, which has been widely tried and accepted, is the use of honeypots. Honeypots are very valuable security resources for gathering artefacts associated with a variety of Internet attack activities. As honeypots run no production services, any contact with them is considered potentially malicious or suspicious by definition. This unique characteristic of the honeypot reduces the amount of collected traffic and makes it a more valuable source of information than other existing techniques. Currently, there is insufficient research in the honeypot data analysis field. To date, most of the work on honeypots has been devoted to the design of new honeypots or optimizing the current ones. Approaches for analyzing data collected from honeypots, especially low-interaction honeypots, are presently immature, while analysis techniques are manual and focus mainly on identifying existing attacks. This research addresses the need for developing more advanced techniques for analyzing Internet traffic data collected from low-interaction honeypots. We believe that characterizing honeypot traffic will improve the security of networks and, if the honeypot data is handled in time, give early signs of new vulnerabilities or breakouts of new automated malicious codes, such as worms. The outcomes of this research include: • Identification of repeated use of attack tools and attack processes through grouping activities that exhibit similar packet inter-arrival time distributions using the cliquing algorithm; • Application of principal component analysis to detect the structure of attackers’ activities present in low-interaction honeypots and to visualize attackers’ behaviors; • Detection of new attacks in low-interaction honeypot traffic through the use of the principal component’s residual space and the square prediction error statistic; • Real-time detection of new attacks using recursive principal component analysis; • A proof of concept implementation for honeypot traffic analysis and real time monitoring.
