124 resultados para Security vulnerabilities
Resumo:
On 26 December 2003 an Israeli activist was shot by the Israeli Army while he was participating in a demonstration organized by Anarchists Against the Wall (AAtW) in the West Bank. This was the first time Israeli Soldiers have deliberately shot live bullets at a Jewish-Israeli activist. This paper is an attempt to understand the set of conditions, the enveloping frameworks, and the new discourses that have made this event, and similar shootings that soon followed, possible. Situating the actions of AAtW within a much wider context of securitization—of identities, movements, and bodies—we examine strategies of resistance which are deployed in highly securitized public spaces. We claim that an unexpected matrix of identity in which abnormality is configured as security threat render the bodies of activists especially precarious. The paper thus provides an account of the new rationales of security technologies and tactics which increasingly govern public spaces.
Resumo:
This letter proposes several relay selection policies for secure communication in cognitive decode-and-forward (DF) relay networks, where a pair of cognitive relays are opportunistically selected for security protection against eavesdropping. The first relay transmits the secrecy information to the destination,
and the second relay, as a friendly jammer, transmits the jamming signal to confound the eavesdropper. We present new exact closed-form expressions for the secrecy outage probability. Our analysis and simulation results strongly support our conclusion that the proposed relay selection policies can enhance the performance of secure cognitive radio. We also confirm that the error floor phenomenon is created in the absence of jamming.
Resumo:
Cognitive radio has emerged as an essential recipe for future high-capacity high-coverage multi-tier hierarchical networks. Securing data transmission in these networks is of utmost importance. In this paper, we consider the cognitive wiretap channel and propose multiple antennas to secure the transmission at the physical layer, where the eavesdropper overhears the transmission from the secondary transmitter to the secondary receiver. The secondary receiver and the eavesdropper are equipped with multiple antennas, and passive eavesdropping is considered where the channel state information of the eavesdropper’s channel is not available at the secondary transmitter. We present new closedform expressions for the exact and asymptotic secrecy outage probability. Our results reveal the impact of the primary network on the secondary network in the presence of a multi-antenna wiretap channel.
Resumo:
This paper critically interrogates how borders are produced by scientists, engineers and security experts in advance of the actual deployment of technical devices they develop. This paper explores the prior stages of translation and decision-making as a socio-technical device is conceived and developed. Drawing on in-depth interviews, observations and ethnographic research of the EU-funded Handhold project (consisting of nine teams in five countries), it explores how assumptions about the way security technologies will and should perform at the border shape the way that scientists, engineers, and security experts develop a portable, integrated device to detect CBRNE threats at borders. In disaggregating the moments of sovereign decision making across multiple sites and times, this paper questions the supposed linearity of how science comes out of and feeds back into the world of border security. An interrogation of competing assumptions and understandings of security threats and needs, of competing logics of innovation and pragmatism, of the demands of differentiated temporalities in detection and interrogation, and of the presumed capacities, behaviours, and needs of phantasmic competitors and end-users reveals a complex, circulating and co-constitutive process of device development that laboratises the border itself. We trace how sovereign decisions are enacted as assemblages in the antecedent register of device development itself through the everyday decisions of researchers in the laboratory, and the material components of the Handhold device itself.
Resumo:
Invited talk, representing the Royal Society
Resumo:
Cyber threats in Supervisory Control and Data Acquisition (SCADA) systems have the potential to render physical damage and jeopardize power system operation, safety and stability. SCADA systems were originally designed with little consideration of escalating cyber threats and hence the problem of how to develop robust intrusion detection technologies to tailor the requirements of SCADA is an emerging topic and a big challenge. This paper proposes a stateful Intrusion Detection System (IDS) using a Deep Packet Inspection (DPI) method to improve the cyber-security of SCADA systems using the IEC 60870-5-104 protocol which is tailored for basic telecontrol communications. The proposed stateful protocol analysis approach is presented that is designed specifically for the IEC 60870-5-104 protocol. Finally, the novel intrusion detection approach are implemented and validated.
Resumo:
Security is a critical concern around the world. Since resources for security are always limited, lots of interest have arisen in using game theory to handle security resource allocation problems. However, most of the existing work does not address adequately how a defender chooses his optimal strategy in a game with absent, inaccurate, uncertain, and even ambiguous strategy profiles' payoffs. To address this issue, we propose a general framework of security games under ambiguities based on Dempster-Shafer theory and the ambiguity aversion principle of minimax regret. Then, we reveal some properties of this framework. Also, we present two methods to reduce the influence of complete ignorance. Our investigation shows that this new framework is better in handling security resource allocation problems under ambiguities.
Resumo:
Experiences from smart grid cyber-security incidents in the past decade have raised questions on the applicability and effectiveness of security measures and protection mechanisms applied to the grid. In this chapter we focus on the security measures applied under real circumstances in today’s smart grid systems. Beginning from real world example implementations, we first review cyber-security facts that affected the electrical grid, from US blackout incidents, to the Dragonfly cyber-espionage campaign currently focusing on US and European energy firms. Provided a real world setting, we give information related to energy management of a smart grid looking also in the optimization techniques that power control engineers perform into the grid components. We examine the application of various security tools in smart grid systems, such as intrusion detection systems, smart meter authentication and key management using Physical Unclonable Functions, security analytics and resilient control algorithms. Furthermore we present evaluation use cases of security tools applied on smart grid infrastructure test-beds that could be proved important prior to their application in the real grid, describing a smart grid intrusion detection system application and security analytics results. Anticipated experimental results from the use-cases and conclusions about the successful transitions of security measures to real world smart grid operations will be presented at the end of this chapter.
Resumo:
African evangelical/Pentecostal/charismatic (EPC) Christians-previously dismissed by scholars as apolitical-are becoming increasingly active socially and politically. This chapter presents a case study of an EPC congregation in Harare. It demonstrates how the congregation provides short-term human security by responding to the needs of the poor, while at the same time creating space where people can develop the "self-expression values" necessary for long-term human security. The case study also demonstrates that even under authoritarian states, religious actors can actively choose to balance the immediate demands of short-term human security with the sometimes competing demands of long-term human security. Policymakers can benefit from a greater understanding of how religious actors strike this balance and from a greater appreciation of the variability, flexibility, and religious resources of EPC Christians in such contexts.
Resumo:
The proposition of increased innovation in network applications and reduced cost for network operators has won over the networking world to the vision of Software-Defined Networking (SDN). With the excitement of holistic visibility across the network and the ability to program network devices, developers have rushed to present a range of new SDN-compliant hardware, software and services. However, amidst this frenzy of activity, one key element has only recently entered the debate: Network Security. In this article, security in SDN is surveyed presenting both the research community and industry advances in this area. The challenges to securing the network from the persistent attacker are discussed and the holistic approach to the security architecture that is required for SDN is described. Future research directions that will be key to providing network security in SDN are identified.
Resumo:
The pull of Software-Defined Networking (SDN) is magnetic. There are few in the networking community who have escaped its impact. As the benefits of network visibility and network device programmability are discussed, the question could be asked as to who exactly will benefit? Will it be the network operator or will it, in fact, be the network intruder? As SDN devices and systems hit the market, security in SDN must be raised on the agenda. This paper presents a comprehensive survey of the research relating to security in software-defined networking that has been carried out to date. Both the security enhancements to be derived from using the SDN framework and the security challenges introduced by the framework are discussed. By categorizing the existing work, a set of conclusions and proposals for future research directions are presented.
Resumo:
his essay is premised on the following: a conspiracy to fix or otherwise manipulate the outcome of a sporting event for profitable purpose. That conspiracy is in turn predicated on the conspirators’ capacity to: (a) ensure that the fix takes place as pre-determined; (b) manipulate the betting markets that surround the sporting event in question; and (c) collect their winnings undetected by either the betting industry’s security systems or the attention of any national regulatory body or law enforcement agency.
Unlike many essays on this topic, this contribution does not focus on the “fix”– part (a) of the above equation. It does not seek to explain how or why a participant or sports official might facilitate a betting scam through either on-field behaviour that manipulates the outcome of a game or by presenting others with privileged inside information in advance of a game. Neither does this contribution seek to give any real insight into the second part of the above equation: how such conspirators manipulate a sports betting market by playing or laying the handicap or in-play or other offered betting odds. In fact, this contribution is not really about the mechanics of sports betting or match fixing at all; rather it is about the sometimes under explained reason why match fixing has reportedly become increasingly attractive as of late to international crime syndicates. That reason relates to the fact that given the traditional liquidity of gambling markets, sports betting can, and has long been, an attractively accessible conduit for criminal syndicates to launder the proceeds of crime. Accordingly, the term “winnings”, noted in part (c) of the above equation, takes on an altogether more nefarious meaning.
This essay’s attempt to review the possible links between match fixing in sport, gambling-related “winnings” and money laundering is presented in four parts.
First, some context will be given to what is meant by money laundering, how it is currently policed internationally and, most importantly, how the growth of online gambling presents a unique set of vulnerabilities and opportunities to launder the proceeds of crime. The globalisation of organised crime, sports betting and transnational financial services now means that money laundering opportunities have moved well beyond a flutter on the horses at your local racetrack or at the roulette table of your nearest casino. The growth of online gambling platforms means that at a click it is possible for the proceeds of crime in one jurisdiction to be placed on a betting market in another jurisdiction with the winnings drawn down and laundered in a third jurisdiction and thus the internationalisation of gambling-related money laundering threatens the integrity of sport globally.
Second, and referring back to the infamous hearings of the US Senate Special Committee to Investigate Organised Crime in Interstate Commerce of the early 1950s, (“the Kefauver Committee”), this article will begin by illustrating the long standing interest of organised crime gangs – in this instance, various Mafia families in the United States – in money laundering via sports gambling-related means.
Third, and using the seminal 2009 report “Money Laundering through the Football Sector” by the Financial Action Task Force (FATF, an inter-governmental body established in 1989 to promote effective implementation of legal, regulatory and operational measures for combating money laundering, terrorist financing and other related threats to the integrity of the international financial system), this essay seeks to assess the vulnerabilities of international sport to match fixing, as motivated in part by the associated secondary criminality of tax evasion and transnational economic crime.
The fourth and concluding parts of the essay spin from problems to possible solutions. The underlying premise here is that heretofore there has been an insularity to the way that sports organisations have both conceptualised and sought to address the match fixing threat e.g., if we (in sport) initiate player education programmes; establish integrity units; enforce codes of conduct and sanctions strictly; then our integrity or brand should be protected. This essay argues that, although these initiatives are important, the source and process of match fixing is beyond sport’s current capacity, as are the possible solutions.
