298 resultados para DDOS ATTACKS
Resumo:
Crisis holds the potential for profound change in organizations and industries. The past 50 years of crisis management highlight key shifts in crisis practice, creating opportunities for multiple theories and research tracks. Defining crises such as Tylenol, Exxon Valdez, and September 11 terrorist attacks have influenced or challenged the principles of best practice of crisis communication in public relations. This study traces the development of crisis process and practice by identifying shifts in crisis research and models and mapping these against key management theories and practices. The findings define three crisis domains: crisis planning, building and testing predictive models, and mapping and measuring external environmental influences. These crisis domains mirror but lag the evolution of management theory, suggesting challenges for researchers to reshape the research agenda to close the gap and lead the next stage of development in the field of crisis communication for effective organizational outcomes.
Resumo:
Existing algebraic analyses of the ZUC cipher indicate that the cipher should be secure against algebraic attacks. In this paper, we present an alternative algebraic analysis method for the ZUC stream cipher, where a combiner is used to represent the nonlinear function and to derive equations representing the cipher. Using this approach, the initial states of ZUC can be recovered from 2^97 observed words of keystream, with a complexity of 2^282 operations. This method is more successful when applied to a modified version of ZUC, where the number of output words per clock is increased. If the cipher outputs 120 bits of keystream per clock, the attack can succeed with 219 observed keystream bits and 2^47 operations. Therefore, the security of ZUC against algebraic attack could be significantly reduced if its throughput was to be increased for efficiency.
Resumo:
Both the SSS and SOBER-t32 stream cipher designs use a single word-based shift register and a nonlinear filter function to produce keystream. In this paper we show that the algebraic attack method previously applied to SOBER-t32 is prevented from succeeding on SSS by the use of the key dependent substitution box (SBox) in the nonlinear filter of SSS. Additional assumptions and modifications to the SSS cipher in an attempt to enable algebraic analysis result in other difficulties that also render the algebraic attack infeasible. Based on these results, we conclude that a well chosen key-dependent substitution box used in the nonlinear filter of the stream cipher provides resistance against such algebraic attacks.
Resumo:
"Bollywood Extras" has been described as a bit like Vladimir Nabokov's "Lolita" (1955) meets Nathanael West's "Day of the Locust" (1939). Unlike those two classics, this new novel by Dr D. Bruno Starrs is set in 21st Century India's Hindi-language film industry epicenter known as 'Bollywood', Mumbai's answer to America's 'Hollywood'. And there is another major difference: the story (i.e. the narrative interaction between an American Extras Casting Agent, 'Dr Arden Pyle', an under-age wannabe Bollywood starlet, 'Chandy', and the despicable but wealthy Indian man who stalks her, 'Ishmail'), is all staged against a backdrop of rabid religious terrorism. Written with the unique black comedic and literary flair Dr D. Bruno Starrs is renown for, this, his 3rd full-length novel, boldly captures the feel of Mumbai and the small-time players in its big-time film industry, with style, humor and originality. Tom Flood, winner of the Miles Franklin Literary Award and founder of Flood Manuscripts, said this of the novel's second last draft: "What is best about 'Bollywood Extras' will likely be its albatross in the sliced bread world of mainstream publishing. Three strengths that make the work what it is - the length, the style, the intellectual capital - will be three strikes against it when it comes to the money. While I delight in rich language and agile invention, I've given you the reasons the trade ('legit') presses won't take 'Bollywood Extras'. Do I think you should you change it? No. I like it. Why ruin an interesting work for money?" As a professional assessor, Flood did, of course, offer many suggestions and these were duly implemented, although the author steadfastly adhered to the style he had already cemented, thus not changing in anyway what Flood refers to as its three strengths. Dr Starrs knew (having accessed Flood's professional services previously) that a 'Thumbs Up' from the best manuscript assessor in the country meant that Bollywood Extras was ready to be birthed. So, here it is: Dr Starrs has delivered his 3rd baby and 'christened' it "Bollywood Extras"!
Resumo:
This background paper to a panel discussion by four QUT staff members explores depression, mood disorders, suicide and meaning in life.
Resumo:
On 20 September 2001, the former US President, George W. Bush, declared what is now widely, and arguably infamously, known as a ‘war on terror’. In response to the fatal 9/11 attacks in New York and Washington, DC, President Bush identified the US military response as having far-reaching and long-lasting consequences. It was, he argued, ‘our war on terror’ that began ‘with al Qaeda, but … it will not end until every terrorist group of global reach has been found, stopped and defeated’ (CNN 2001). This was to be a war that would, in the words of former British Prime Minister, Tony Blair, seek to eliminate a threat that was ‘aimed at the whole democratic world’ (Blair 2001). Blair claimed that this threat is of such magnitude that unprecedented measures would need to be taken to uphold freedom and security. Blair would later admit that it was a war that ‘divided the country’ and was based on evidence ‘about Saddam having actual biological and chemical weapons, as opposed to the capability to develop them, has turned out to be wrong’ (Blair 2004). The failures of intelligence ushered in new political rhetoric in the form of ‘trust me’ because ‘instinct is no science’ (Blair 2004). The war on terror has been one of the most significant international events in the past three decades, alongside the collapse of the former Soviet Union, the end of apartheid in South Africa, the unification of Europe and the marketization of the People's Republic of China. Yet, unlike the other events, it will not be remembered for advancing democracy or sovereignty, but for the conviction politics of particular politicians who chose to dispense with international law and custom in pursuit of personal instincts that proved fatal. Since the invasions of Afghanistan in October 2001 and …
Resumo:
This project investigates machine listening and improvisation in interactive music systems with the goal of improvising musically appropriate accompaniment to an audio stream in real-time. The input audio may be from a live musical ensemble, or playback of a recording for use by a DJ. I present a collection of robust techniques for machine listening in the context of Western popular dance music genres, and strategies of improvisation to allow for intuitive and musically salient interaction in live performance. The findings are embodied in a computational agent – the Jambot – capable of real-time musical improvisation in an ensemble setting. Conceptually the agent’s functionality is split into three domains: reception, analysis and generation. The project has resulted in novel techniques for addressing a range of issues in each of these domains. In the reception domain I present a novel suite of onset detection algorithms for real-time detection and classification of percussive onsets. This suite achieves reasonable discrimination between the kick, snare and hi-hat attacks of a standard drum-kit, with sufficiently low-latency to allow perceptually simultaneous triggering of accompaniment notes. The onset detection algorithms are designed to operate in the context of complex polyphonic audio. In the analysis domain I present novel beat-tracking and metre-induction algorithms that operate in real-time and are responsive to change in a live setting. I also present a novel analytic model of rhythm, based on musically salient features. This model informs the generation process, affording intuitive parametric control and allowing for the creation of a broad range of interesting rhythms. In the generation domain I present a novel improvisatory architecture drawing on theories of music perception, which provides a mechanism for the real-time generation of complementary accompaniment in an ensemble setting. All of these innovations have been combined into a computational agent – the Jambot, which is capable of producing improvised percussive musical accompaniment to an audio stream in real-time. I situate the architectural philosophy of the Jambot within contemporary debate regarding the nature of cognition and artificial intelligence, and argue for an approach to algorithmic improvisation that privileges the minimisation of cognitive dissonance in human-computer interaction. This thesis contains extensive written discussions of the Jambot and its component algorithms, along with some comparative analyses of aspects of its operation and aesthetic evaluations of its output. The accompanying CD contains the Jambot software, along with video documentation of experiments and performances conducted during the project.
Resumo:
Hong Kong in summer (June - October) is hot and humid. Construction workers have to undertake physically demanding activities and often in confined spaces. They are vulnerable to heat stress in summer hence health and safety measures associated to heat stress measured by scientific and clinical parameters are urgently needed. This paper provides an initial report of a research project funded by the Research Grants Council (RGC) of the HKSAR. The aim of this study is to develop a set of indices measured by clinical and scientific methods to detect impending attacks of heat stress. These indices would be of tremendous value in better safeguarding workers’ health and safety by reducing the occurrences of heat stress on site. This paper firstly reports on the statistics of construction incidents arising from heat stress. Qualitative and quantitative research methods applied in conducting the research are discussed. It is believed that the construction industry and the government would benefit a lot as a result of this study.
Resumo:
In many applications, where encrypted traffic flows from an open (public) domain to a protected (private) domain, there exists a gateway that bridges the two domains and faithfully forwards the incoming traffic to the receiver. We observe that indistringuishability against (adaptive) chosen-ciphertext attacks (IND-CCA), which is a mandatory goal in face of active attacks in a public domain, can be essentially relaxed to indistinguishability against chosen-plaintext attacks (IND-CPA) for ciphertexts once they pass the gateway that acts as an IND-CCA/CPA filter by first checking the validity of an incoming IND-CCA ciphertext, then transforming it (if valid) into an IND-CPA ciphertext, and forwarding the latter to the receipient in the private domain. "Non-trivial filtering" can result in reduced decryption costs on the receivers' side. We identify a class of encryption schemes with publicaly verifiable ciphertexts that admit generic constructions of (non-trivial) IND-CCA/CPA filters. These schemes are characterized by existence of public algorithms that can distinguish between valid and invalid ciphertexts. To this end, we formally define (non-trivial) public verifiability of ciphertexts for general encryption schemes, key encapsulation mechanisms, and hybrid encryption schemes, encompassing public-key, identity-based, and tag-based encryption flavours. We further analyze the security impact of public verifiability and discuss generic transformations and concrete constructions that enjoy this property.
Resumo:
As a growing number of nations embark on a path to democracy, criminologists have become increasingly interested and engaged in the challenges, concerns, and questions connecting democracy with both crime and criminal justice. Rising levels of violence and street crime, white collar crime and corruption both in countries where democracy is securely in place and where it is struggling, have fuelled a deepening skepticism as to the capacity of democracy to deliver on its promise of security and justice for all citizens. What role does crime and criminal justice play in the future of democracy and for democratic political development on a global level? The editors of this special volume of The Annals realized the importance of collecting research from a broad spectrum of countries and covering a range of problems that affect citizens, politicians, and criminal justice officials. The articles here represent a solid balance between mature democracies like the U.S. and U.K. as well as emerging democracies around the globe – specifically in Latin America, Africa and Eastern Europe. They are based on large and small cross-national samples, regional comparisons, and case studies. Each contribution addresses a seminal question for the future of democratic political development across the globe. What is the role of criminal justice in the process of building democracy and instilling confidence in its institutions? Is there a role for unions in democratizing police forces? What is the impact of widespread disenfranchisement of felons on democratic citizenship and the life of democratic institutions? Under what circumstances do mature democracies adopt punitive sentencing regimes? Addressing sensitive topics such as relations between police and the Muslim communities of Western Europe in the wake of terrorist attacks, this volume also sheds light on the effects of terrorism on mature democracies under increasing pressure to provide security for their citizens. By taking a broad vantage point, this collection of research delves into complex topics such as the relationship between the process of democratization and violent crime waves; the impact of rising crime rates on newly established as well as secure democracies; how crime may endanger the transition to democracy; and how existing practices of criminal justice in mature democracies affect their core values and institutions. The collection of these insightful articles not only begins to fill a gap in criminological research but also addresses issues of critical interest to political scientists as well as other social and behavioral scientists and scholars. Taking a fresh approach to the intersection of crime, criminal justice, and democracy, this volume of The Annals is a must-read for criminologists and political scientists and provides a solid foundation for further interdisciplinary research.
Resumo:
This book examines public worrying over 'ethnic crime' and what it tells us about Australia today. How, for instance, can the blame for a series of brutal group sexual assaults in Sydney be so widely attributed to whole ethnic communities? How is it that the arrival of a foundering boatload of asylum-seekers mostly seeking refuge from despotic regimes in 'the Middle East' can be manipulated to characterise complete cohorts of applicants for refuge 'and their immigrant compatriots' as dangerous, dishonest, criminally inclined and inhuman? How did the airborne terror attacks on the USA on 11 September 2001 exacerbate existing tendencies in Australia to stereotype Arabs and Muslims as backward, inassimilable, without respect for Western laws and values, and complicit with barbarism and terrorism? Bin Laden in the Suburbs argues that we are witnessing the emergence of the 'Arab Other' as the pre-eminent 'folk devil' of our time. This Arab Other functions in the national imaginary to prop up the project of national belonging. It has little to do with the lived experiences of Arab, Middle Eastern or Muslim Australians, and everything to do with a host of social anxieties which overlap in a series of moral panics. Bin Laden in the Suburbs analyses a decisive moment in the history of multiculturalism in Australia. 'Unlike most migrants, the Arab migrant is a subversive will ... They invade our shores, take over our neighbourhood and rape our women. They are all little bin Ladens and they are everywhere: Explicit bin Ladens and closet bin Ladens; Conscious bin Ladens and unconscious bin Ladens; bin Ladens on the beach and bin Ladens in the suburbs, as this book is aptly titled. Within this register ... even a single Arab is a threat. Contain the Arab or exterminate the Arab? A 'tolerable' presence in the suburbs, or caged in a concentration camp? ... The politics of the Western post-colonial state is constantly and dangerously oscillating between these tendencies today. It is this dangerous oscillation that is so lucidly exposed in this book'.
Resumo:
This paper presents a model for generating a MAC tag with a stream cipher using the input message indirectly. Several recent proposals represent instances of this model with slightly different options. We investigate the security of this model for different options, and identify cases which permit forgery attacks. Based on this, we present a new forgery attack on version 1.4 of 128-EIA3. Design recommendations to enhance the security of proposals following this general model are given.
Resumo:
This paper presents a model for generating a MAC tag by injecting the input message directly into the internal state of a nonlinear filter generator. This model generalises a similar model for unkeyed hash functions proposed by Nakano et al. We develop a matrix representation for the accumulation phase of our model and use it to analyse the security of the model against man-in-the-middle forgery attacks based on collisions in the final register contents. The results of this analysis show that some conclusions of Nakano et al regarding the security of their model are incorrect. We also use our results to comment on several recent MAC proposals which can be considered as instances of our model and specify choices of options within the model which should prevent the type of forgery discussed here. In particular, suitable initialisation of the register and active use of a secure nonlinear filter will prevent an attacker from finding a collision in the final register contents which could result in a forged MAC.
Resumo:
Security indicators in web browsers alert users to the presence of a secure connection between their computer and a web server; many studies have shown that such indicators are largely ignored by users in general. In other areas of computer security, research has shown that technical expertise can decrease user susceptibility to attacks. In this work, we examine whether computer or security expertise affects use of web browser security indicators. Our study takes place in the context of web-based single sign-on, in which a user can use credentials from a single identity provider to login to many relying websites; single sign-on is a more complex, and hence more difficult, security task for users. In our study, we used eye trackers and surveyed participants to examine the cues individuals use and those they report using, respectively. Our results show that users with security expertise are more likely to self-report looking at security indicators, and eye-tracking data shows they have longer gaze duration at security indicators than those without security expertise. However, computer expertise alone is not correlated with recorded use of security indicators. In survey questions, neither experts nor novices demonstrate a good understanding of the security consequences of web-based single sign-on.
Resumo:
Due to increased complexity, scale, and functionality of information and telecommunication (IT) infrastructures, every day new exploits and vulnerabilities are discovered. These vulnerabilities are most of the time used by ma¬licious people to penetrate these IT infrastructures for mainly disrupting business or stealing intellectual pro¬perties. Current incidents prove that it is not sufficient anymore to perform manual security tests of the IT infra¬structure based on sporadic security audits. Instead net¬works should be continuously tested against possible attacks. In this paper we present current results and challenges towards realizing automated and scalable solutions to identify possible attack scenarios in an IT in¬frastructure. Namely, we define an extensible frame¬work which uses public vulnerability databases to identify pro¬bable multi-step attacks in an IT infrastructure, and pro¬vide recommendations in the form of patching strategies, topology changes, and configuration updates.
