50 resultados para MAFIC INTRUSION
Resumo:
Cybercrime has rapidly developed in recent years and malware is one of the major security threats in computer which have been in existence from the very early days. There is a lack of understanding of such malware threats and what mechanisms can be used in implementing security prevention as well as to detect the threat. The main contribution of this paper is a step towards addressing this by investigating the different techniques adopted by obfuscated malware as they are growingly widespread and increasingly sophisticated with zero-day exploits. In particular, by adopting certain effective detection methods our investigations show how cybercriminals make use of file system vulnerabilities to inject hidden malware into the system. The paper also describes the recent trends of Zeus botnets and the importance of anomaly detection to be employed in addressing the new Zeus generation of malware.
Resumo:
This article is devoted to experimental investigation of a novel application of a clustering technique introduced by the authors recently in order to use robust and stable consensus functions in information security, where it is often necessary to process large data sets and monitor outcomes in real time, as it is required, for example, for intrusion detection. Here we concentrate on a particular case of application to profiling of phishing websites. First, we apply several independent clustering algorithms to a randomized sample of data to obtain independent initial clusterings. Silhouette index is used to determine the number of clusters. Second, rank correlation is used to select a subset of features for dimensionality reduction. We investigate the effectiveness of the Pearson Linear Correlation Coefficient, the Spearman Rank Correlation Coefficient and the Goodman--Kruskal Correlation Coefficient in this application. Third, we use a consensus function to combine independent initial clusterings into one consensus clustering. Fourth, we train fast supervised classification algorithms on the resulting consensus clustering in order to enable them to process the whole large data set as well as new data. The precision and recall of classifiers at the final stage of this scheme are critical for the effectiveness of the whole procedure. We investigated various combinations of several correlation coefficients, consensus functions, and a variety of supervised classification algorithms.
Resumo:
In spite of all the debates and controversies, a global consensus has been reached that climate change is a reality and that it will impact, in diverse manifestations that may include increased global temperature, sea level rise, more frequent occurrence of extreme weather events, change in weather patterns, etc., on food production systems, global biodiversity and overall human well being. Aquaculture is no exception. The sector is characterized by the fact that the organisms cultured, the most diverse of all farming systems and in the number of taxa farmed, are all poikilotherms. It occurs in fresh, brackish and marine waters, and in all climatic regimes from temperate to tropical. Consequently, there are bound to be many direct impacts on aquatic farming systems brought about by climate change. The situation is further exacerbated by the fact that certain aquaculture systems are dependent, to varying degrees, on products such as fishmeal and fish oil, which are derived from wild-caught resources that are subjected to reduction processes. All of the above factors will impact on aquaculture in the decades to come and accordingly, the aquatic farming systems will begin to encounter new challenges to maintain sustainability and continue to contribute to the human food basket. The challenges will vary significantly between climatic regimes. In the tropics, the main challenges will be to those farming activities that occur in deltaic regions, which also happen to be hubs of aquaculture activity, such as in the Mekong and Red River deltas in Viet Nam and the Ganges-Brahamaputra Delta in Bangladesh. Aquaculture in tropical deltaic areas will be mostly impacted by sea level rise, and hence increased saline water intrusion and reduced water flows, among others. Elsewhere in the tropics, inland cage culture and other aquaculture activities could be impacted by extreme weather conditions, increased upwelling of deoxygenated waters in reservoirs, etc., requiring greater vigilance and monitoring, and even perhaps readiness to move operations to more conducive areas in a waterbody. Indirect impacts of climate change on tropical aquaculture could be manifold but are perhaps largely unknown. The reproductive cycles of a great majority of tropical species are dependent on monsoonal rain patterns, which are predicted to change. Consequently, irrespective of whether cultured species are artificially propagated or not, changes in reproductive cycles will impact on seed production and thereby the whole grow-out cycle and modus operandi of farm activities. Equally, such impacts will be felt on the culture of those species that are based on natural spat collection, such as that of many cultured molluscs. In the temperate region, global warming could raise temperatures to the upper tolerance limits of some cultured species, thereby making such culture systems vulnerable to high temperatures. New or hitherto non-pathogenic organisms may become virulent with increases in water temperature, confronting the sector with new, hitherto unmanifested and/or little known diseases. One of the most important indirect effects of climate change will be driven by impacts on production of those fish species that are used for reduction, and which in turn form the basis for aquaculture feeds, particularly for carnivorous species. These indirect effects are likely to have a major impact on some key aquaculture practices in all climatic regimes. Limitations of supplies of fishmeal and fish oil and resulting exorbitant price hikes of these commodities will lead to more innovative and pragmatic solutions on ingredient substitution for aquatic feeds, which perhaps will be a positive result arising from a dire need to sustain a major sector. Aquaculture has to be proactive and start addressing the need for adaptive and mitigative measures. Such measures will entail both technological and socio-economic approaches. The latter will be more applicable to small-scale farmers, who happen to be the great bulk of producers in developing countries, which in turn constitute the “backbone’ of global aquaculture. The sociological approaches will entail the challenge of addressing the potential climate change impacts on small farming communities in the most vulnerable areas, such as in deltaic regions, weighing the most feasible adaptive options and bringing about the policy changes required to implement these adaptive measures economically and effectively. Global food habits have changed over the years. We are currently in an era where food safety and quality, backed up by ecolabelling, are paramount; it was not so 20 years ago. In the foreseeable future, we will move into an era where consumer consciousness will demand that farmed foods of every form will have to include in their labeled products the green house gas (GHG) emissions per unit of produce. Clearly, aquaculture offers an opportunity to meet these aspirations. Considering that about 70 percent of all finfish and almost 100 percent of all molluscs and seaweeds are minimally GHG emitting, it is possible to drive aquaculture as the most GHG-friendly food source. The sector could conform to such demands and continue to meet the need for an increasing global food fish supply. However, to achieve this, a paradigm shift in our seafood consumption preferences will be needed.
Resumo:
Network forensics is a branch of digital forensics which has evolved recently as a very important discipline used in monitoring and analysing network traffic-particularly for the purposes of tracing intrusions and attacks. This paper presents an analysis of the tools and techniques used in network forensic analysis. It further examines the application of network forensics to vital areas such as malware and network attack detection; IP traceback and honeypots; and intrusion detection. Further, the paper addresses new and emerging areas of network forensic development which include critical infrastructure forensics, wireless network forensics, as well as its application to social networking. © 2012 IEEE.
Resumo:
Ecological planning, as advocated by Ian McHarg, filtered extensively through North America following the publication of Design with Nature (1965). The integrated design and planning approach was also advanced by numerous graduates of McHarg's studios at the University of Pennsylvania where this approach was extensively trialled and proven. While a clear synthesis and theoretical framework was articulated and reinforced through a plethora of projects, monographs, and articles, the majority of these perspectives were North American, lacked clarity about the translation of the approach into legal strategic and statutory planning instruments, nor shed light upon what transpired in Australia. This paper reviews the development of the Conservation Plan created for the southern Mornington peninsula in Victoria, Australia, as well as its intent, structure and internal workings as a successful model of ecological statutory planning, in the context of the wider WPRPA activities that draws directly from the McHarg theory. Known as the Conservation Plan for the southern Mornington Peninsula in Victoria, a revolutionary planning structure devised in the early 1970s by several Australian proponents. The Conservation Plan continues in operation today curating a high scenic valued landscape protecting it from intrusion from the growing metropolitan city of Melbourne thus fulfilling its objectives of landscape quality conservation whilst still permitting sympathetic building and land use growth. Contextually, the Conservation Plan appears to be only statutory equivalent translation of the approach internationally other than the Pinelands Commission planning processes in New Jersey.
Resumo:
Web applications have steadily increased, making them very important in areas, such as financial sectors, e-commerce, e-government, social media network, medical data, e-business, academic an activities, e-banking, e-shopping, e-mail. However, web application pages support users interacting with the data stored in their website to insert, delete and modify content by making a web site their own space. Unfortunately, these activities attracted writers of malicious software for financial gain, and to take advantage of such activities to perform their malicious objectives. This chapter focuses on severe threats to web applications specifically on Structure Query Language Injection Attack (SQLIA) and Zeus threats. These threats could adopt new obfuscation techniques to evade and thwart countermeasures Intrusion Detection Systems (IDS). Furthermore, this work explores and discusses the techniques to detect and prevent web application malwar.
Resumo:
Increasingly, web applications are being developed over the Internet. Securing these web applications is becoming important as they hold critical security features. However, cybercriminals are becoming smarter by developing a crime toolkit, and employing sophisticated techniques to evade detection. These crime toolkits can be used by any person to target Internet users. In this paper, we explore the techniques used in crime toolkits. We present a current state-of-the-art analysis of crime toolkits and focus on attacks against web applications. The crime toolkit techniques are compared with the vulnerability of web applications to help reveal particular behaviour such as popular web application vulnerabilities that malicious writers prefer. In addition, we outline the existing protection mechanism, and observe that the possibility for damage is rising, particularly as specialization and scale increase in cybercrime.
Resumo:
The continuously rising Internet attacks pose severe challenges to develop an effective Intrusion Detection System (IDS) to detect known and unknown malicious attack. In order to address the problem of detecting known, unknown attacks and identify an attack grouped, the authors provide a new multi stage rules for detecting anomalies in multi-stage rules. The authors used the RIPPER for rule generation, which is capable to create rule sets more quickly and can determine the attack types with smaller numbers of rules. These rules would be efficient to apply for Signature Intrusion Detection System (SIDS) and Anomaly Intrusion Detection System (AIDS).
Resumo:
With the advent of Cloud Computing, IDS as a service (IDSaaS) has been proposed as an alternative to protect a network (e.g., financial organization) from a wide range of network attacks by offloading the expensive operations such as the process of signature matching to the cloud. The IDSaaS can be roughly classified into two types: signature-based detection and anomaly-based detection. During the packet inspection, no party wants to disclose their own data especially sensitive information to others, even to the cloud provider, for privacy concerns. However, current solutions of IDSaaS have not much discussed this issue. In this work, focus on the signature-based IDSaaS, we begin by designing a promising privacy-preserving intrusion detection mechanism, the main feature of which is that the process of signature matching does not reveal any specific content of network packets by means of a fingerprint-based comparison. We further conduct a study to evaluate this mechanism under a cloud scenario and identify several open problems and issues for designing such a privacy-preserving mechanism for IDSaaS in a practical environment.
Resumo:
A hierarchical intrusion detection model is proposed to detect both anomaly and misuse attacks. In order to further speed up the training and testing, PCA-based feature extraction algorithm is used to reduce the dimensionality of the data. A PCA-based algorithm is used to filter normal data out in the upper level. The experiment results show that PCA can reduce noise in the original data set and the PCA-based algorithm can reach the desirable performance.
Resumo:
Anomaly detection techniques are used to find the presence of anomalous activities in a network by comparing traffic data activities against a "normal" baseline. Although it has several advantages which include detection of "zero-day" attacks, the question surrounding absolute definition of systems deviations from its "normal" behaviour is important to reduce the number of false positives in the system. This study proposes a novel multi-agent network-based framework known as Statistical model for Correlation and Detection (SCoDe), an anomaly detection framework that looks for timecorrelated anomalies by leveraging statistical properties of a large network, monitoring the rate of events occurrence based on their intensity. SCoDe is an instantaneous learning-based anomaly detector, practically shifting away from the conventional technique of having a training phase prior to detection. It does acquire its training using the improved extension of Exponential Weighted Moving Average (EWMA) which is proposed in this study. SCoDe does not require any previous knowledge of the network traffic, or network administrators chosen reference window as normal but effectively builds upon the statistical properties from different attributes of the network traffic, to correlate undesirable deviations in order to identify abnormal patterns. The approach is generic as it can be easily modified to fit particular types of problems, with a predefined attribute, and it is highly robust because of the proposed statistical approach. The proposed framework was targeted to detect attacks that increase the number of activities on the network server, examples which include Distributed Denial of Service (DDoS) and, flood and flash-crowd events. This paper provides a mathematical foundation for SCoDe, describing the specific implementation and testing of the approach based on a network log file generated from the cyber range simulation experiment of the industrial partner of this project.
Resumo:
Attacks on humans by Australian Magpies (Cracticus tibicen) are a significant human-wildlife conflict in Australia, especially in suburban environments. Remarkably little is known about the phenomenon. In this study, we explored three common hypotheses - territoriality, brood-defence and testosterone - as potential and non-exclusive explanations for aggression directed at people by Magpies living in suburban areas of Brisbane, south-eastern Queensland. The response of 10 pairs of aggressive Magpies to natural levels of human intrusion was compared with that of 10 non-aggressive pairs. Behavioural observations strongly supported the contention that attacks on humans resemble brood-defence and did not support an association with territoriality. The study also found no support for the suggestion that testosterone levels correlated with aggressiveness towards humans: male testosterone peaked immediately before laying and was significantly lower during the maximum period of attacks directed at people. Moreover, there were no differences in the testosterone levels of aggressive and non-aggressive male Magpies. The pattern of testosterone production over a breeding cycle closely resembled that of many other songbirds and appeared not to influence Magpie attacks on humans. © Royal Australasian Ornithologists Union 2010.
Resumo:
Supervisory Control and Data Acquisition (SCADA) systems control and monitor industrial and critical infrastructure functions, such as electricity, gas, water, waste, railway, and traffic. Recent attacks on SCADA systems highlight the need for stronger SCADA security. Thus, sharing SCADA traffic data has become a vital requirement in SCADA systems to analyze security risks and develop appropriate security solutions. However, inappropriate sharing and usage of SCADA data could threaten the privacy of companies and prevent sharing of data. In this paper, we present a privacy preserving strategy-based permutation technique called PPFSCADA framework, in which data privacy, statistical properties and data mining utilities can be controlled at the same time. In particular, our proposed approach involves: (i) vertically partitioning the original data set to improve the performance of perturbation; (ii) developing a framework to deal with various types of network traffic data including numerical, categorical and hierarchical attributes; (iii) grouping the portioned sets into a number of clusters based on the proposed framework; and (iv) the perturbation process is accomplished by the alteration of the original attribute value by a new value (clusters centroid). The effectiveness of the proposed PPFSCADA framework is shown through several experiments on simulated SCADA, intrusion detection and network traffic data sets. Through experimental analysis, we show that PPFSCADA effectively deals with multivariate traffic attributes, producing compatible results as the original data, and also substantially improving the performance of the five supervised approaches and provides high level of privacy protection. © 2014 Published by Elsevier B.V. All rights reserved.
Resumo:
Most cognitive approaches for understanding and treating obsessive-compulsive disorder (OCD) rest on the assumption that nearly everyone experiences unwanted intrusive thoughts, images and impulses from time to time. These theories argue that the intrusions themselves are not problematic, unless they are misinterpreted and/or attempts are made to control them in maladaptive and/or unrealistic ways. Early research has shown unwanted intrusions to be present in the overwhelming majority of participants assessed, although this work was limited in that it took place largely in the US, the UK and other 'westernised' or 'developed' locations. We employed the International Intrusive Thoughts Interview Schedule (IITIS) to assess the nature and prevalence of intrusions in nonclinical populations, and used it to assess (n=777) university students at 15 sites in 13 countries across 6 continents. Results demonstrated that nearly all participants (93.6%) reported experiencing at least one intrusion during the previous three months. Doubting intrusions were the most commonly reported category of intrusive thoughts; whereas, repugnant intrusions (e.g., sexual, blasphemous, etc.) were the least commonly reported by participants. These and other results are discussed in terms of an international perspective on understanding and treating OCD. © 2013 Elsevier Ltd.
