224 resultados para Attacks
Resumo:
Since the September 11, 2001 terrorist attacks in New York City, many countries including Australia and Malaysia have been able to justify the use biometric devices such as finger print scans, retina scans and facial recognition for identification and surveillance of its citizens and others in the name of national security. In addition, biometric devices are increasingly being used worldwide by organizations to keep track of their employees and their productivity, leading to concerns of privacy, the safety, reliability, abuse and misuse of the data collected and violations of civil liberties. Taking the critical theory perspective, this paper will analyse the data collected and report on the findings of a survey carried out in Australia and Malaysia, with respect to the responses provided and opinions expressed to the survey s open ended and other questions
by individuals as to their current use, experiences, preferences, concerns about the devices and the situations in which they think biometric devices should be used, including in their workplaces. This descriptive study uses both quantitative and qualitative data to examine what Australians and Malaysians think about the use of biometric devices in everyday situtions
and compare them as to their similarities and differences. The paper will then critically examine the ethical and civil liberties issues involved in the use of biometric devices in everyday life and argues that regulatory and legal measures should be taken to safeguard the rights of citizens while maintaining national security and productivity, in order to avoid the situation of Michel Foucaults Panopticon becoming an unpleasant everyday reality, which could negatively irifluence socialjustice and create social change due to its effects on individuals in two multicultural societies. The paper will argue about the need to educate the general public as to the issues of surveillance and privacy involved in the use of biometric devices in everyday situations.
Resumo:
Since the September 11, 2001 terrorist attacks in New York, the use of biometric devices such as fingerprint scans, retina and iris scans and facial recognition in everyday situations for national security and border control, have become commonplace. This has resulted in the biometric industry moving from being a niche technology to one that is ubiquitous. As a result. more and more employers are using biometrics to secure staff access to their facilities as well as for tracking staff work hours, maintaining 'discipline' and carry out surveillance against thefts. detecting work hour abuses and fraud. However, the data thus collected and the technologies themselves are feared of having the potential for and actually being misused - both in terms of the violating staff privacy and discrimination and oppression of targeted workers. This paper examines the issue of using biometric devices in organisational settings their advantages, disadvantages and actual and potential abuses from the point of view of critical theory. From the perspectives of Panoptic surveillance and hegemonic organisational control, the paper examines the issues related to privacy and identification, biometrics and privacy, biometrics and the 'body', and surveillance and modernity. The paper also examines the findings ofa survey carried out in Australia. Malaysia and the USA on respondents' opinions on the use of biometric devices in everyday life including at workplaces. The paper concludes that along with their applications in border control and national security, the use of biometric devices should be covered by relevant laws and regulations. guidelines and codes of practice. in order to balance the rights to privacy and civil liberties of workers with employers' need for improved productivity, reduced costs, safeguards related to occupational health and safety, equal opportunity, and workplace harassment of staff and other matters, that employers are legally responsible for.
Resumo:
Many terrorist attacks are accomplished by bringing explosive devices hidden in ordinary-looking objects to public places. In such case, it is almost impossible to distinguish a terrorist from ordinary people just from the isolated appearance. However, valuable clues might be discovered through analyzing a series of actions of the same person. Abnormal behaviors of object fetching, deposit, or exchange in public places might indicate potential attacks. Based on the widely equipped CCTV surveillance systems at the entrance of many public places, this paper proposes an algorithm to detect such abnormal behaviors for early warning of terrorist attack.
Resumo:
Recently high-speed networks have been utilized by attackers as Distributed Denial of Service (DDoS) attack infrastructure. Services on high-speed networks also have been attacked by successive waves of the DDoS attacks. How to sensitively and accurately detect the attack traffic, and quickly filter out the attack packets are still the major challenges in DDoS defense. Unfortunately most current defense approaches can not efficiently fulfill these tasks. Our approach is to find the network anomalies by using neural network and classify DDoS packets by a Bloom filter-based classifier (BFC). BFC is a set of spaceefficient data structures and algorithms for packet classification. The evaluation results show that the simple complexity, high classification speed and accuracy and low storage requirements of this classifier make it not only suitable for DDoS filtering in high-speed networks, but also suitable for other applications such as string matching for intrusion detection systems and IP lookup for programmable routers.
Resumo:
Recent advances in technology and new software applications are steadily transforming human civilization into what is called the Information Society. This is manifested by the new terminology appearing in our daily activities. E-Business, E-Government, E-Learning, E-Contracting, and E-Voting are just a few of the ever-growing list of new terms that are shaping the Information Society. Nonetheless, as "Information" gains more prominence in our society, the task of securing it against all forms of threats becomes a vital and crucial undertaking. Addressing the various security issues confronting our new Information Society, this volume is divided into 13 parts covering the following topics: Information Security Management; Standards of Information Security; Threats and Attacks to Information; Education and Curriculum for Information Security; Social and Ethical Aspects of Information Security; Information Security Services; Multilateral Security; Applications of Information Security; Infrastructure for Information Security Advanced Topics in Security; Legislation for Information Security; Modeling and Analysis for Information Security; Tools for Information Security. Security in the Information Society: Visions and Perspectives comprises the proceedings of the 17th International Conference on Information Security (SEC2002), which was sponsored by the International Federation for Information Processing (IFIP), and jointly organized by IFIP Technical Committee 11 and the Department of Electronics and Electrical Communications of Cairo University. The conference was held in May 2002 in Cairo, Egypt. This volume is essential reading for scholars, researchers, and practitioners interested inkeeping pace with the ever-growing field of Information Security.
Resumo:
Since the September 11,2001 terrorist attacks in New York City, many countries including Australia have been able to justify the use of biometric devices for identification and surveillance of their own citizens and others in the name of national security.
This paper reports on the preliminary findings of a survey that examined Australians' views and experiences with the use of biometric devices in everyday situations in the context of their potential to serve as a 'Panopticon' to keep the nation's citizenry under surveillance. It discusses the adoption of the new communication technology from the point of view of the Justification model that sees technology choice as social
gambling and the pluralist view of technology that sees technology as neutral in itself but as having negative or positive effects on society based on how It is used.
The paper proposes the need for Australian society to balance citizens' right to privacy and civil liberties with the right to stay alive and safe from terrorism and how it may be done with the necessary legal and regulator)' safeguards.
Resumo:
Currently Distributed Denial of Service (DDoS) attacks have been identified as one of the most serious problems on the Internet. The aim of DDoS attacks is to prevent legitimate users from accessing desired resources, such as network bandwidth. Hence the immediate task of DDoS defense is to provide as much resources as possible to legitimate users when there is an attack. Unfortunately most current defense approaches can not efficiently detect and filter out attack traffic. Our approach is to find the network anomalies by using neural network, deploy the system at distributed routers, identify the attack packets, and then filter them. The marks in the IP header that are generated by a group of IP traceback schemes, Deterministic Packet Marking (DPM)/Flexible Deterministic Packet Marking (FDPM), assist this process of identifying attack packets. The experimental results show that this approach can be used to defend against both intensive and subtle DDoS attacks, and can catch DDoS attacks’ characteristic of starting from multiple sources to a single victim. According to results, we find the marks in IP headers can enhance the sensitivity and accuracy of detection, thus improve the legitimate traffic throughput and reduce attack traffic throughput. Therefore, it can perform well in filtering DDoS attack traffic precisely and effectively.
Resumo:
IP source address spoofing exploits a fundamental weakness in the Internet Protocol. It is exploited in many types of network-based attacks such as session hijacking and Denial of Service (DoS). Ingress and egress filtering is aimed at preventing IP spoofing. Techniques such as History based filtering are being used during DoS attacks to filter out attack packets. Packet marking techniques are being used to trace IP packets to a point that is close as possible to their actual source. Present IP spoofing countermeasures are hindered by compatibility issues between IPv4 and IPv6, implementation issues and their effectiveness under different types of attacks. We propose a topology based packet marking method that builds on the flexibility of packet marking as an IP trace back method while overcoming most of the shortcomings of present packet marking techniques.
Resumo:
Historically social engineering attacks were limited upon a single organisation or single individual at a time. The impact of the Internet and growth of E-Business has allowed social engineering techniques to be applied at a global level. The paper will discuss how new social engineering techniques are being applied and puts forward a conceptual model to allow an understanding of how social engineering attacks are planned and implemented against E-Business activities.
Resumo:
In settings such as electronic markets where trading partners have conflicting interests and a desire to cooperate, mobile agent mediated negotiation have become very popular. However, agent-based negotiation in electronic commerce involves the exchange of critical and sensitive data that must be highly safeguarded. Therefore, in order to give benefits of quick and safe trading to the trading partners, an approach that secures the information exchanged between the mobile agents during e-Commerce negotiations is needed. To this end, we discuss an approach that we refer to as Multi-Agent Security NEgotiation Protocol (MASNEP). To show that MASNEP protocol is free of attacks and thus the information exchanged throughout electronic negotiation is truly secured, we provide a formal proof on the correctness of the MASNEP.
Resumo:
Electronic negotiation (e-negotiation) is a major activity in e-Commerce applications. Agent-based e-negotiation has recently received increasing attention. However, agent-based electronic negotiation suffers from a number of security attacks. In this paper, we present a mobile agent-based e-commerce framework. We also propose a security protocol that protects the information exchanged between the mobile agents during e- negotiations. We reason the correctness of the proposed security protocol in the presence of various security threats. The reasoning shows that the protocol maintains privacy, non- repudiation, authenticity, anonymity, and strong integrity of exchanged information.
Resumo:
Terrorist groups are in theory currently using information and communication technologies (ICTs) to orchestrate their conventional attacks. More recently, terrorists have been developing a new form of capability within the cyber arena to coordinate cyber based attacks. This paper examines a proposed cyber-terrorism SCADA risk framework concept. The paper proposes a conceptual framework which is designed to measure and protect the threat of cyber-terrorism against SCADA systems within Australia. The findings and results of a focus group will be examined to help validate the framework concept.
Resumo:
Examines the attitudes of Australian IS/IT managers to the concept of cyber-vigilantism. Also, it explores the policies and procedures which have been set in place by various organisations to cope with concerted attacks on their systems. It finds that although a majority of managers do approve of the concept of “striking back”, only a minority are prepared for this eventuality. There appears to be complacency about the threats posed by organised, offensive attackers.
Resumo:
This study shows that cyber crime is a recent addition to the list of crimes that can adversely affec tbusinesses directly or indirectly. This phenomenon was not directly prosecutable in South Africa until the enactment of the ECT Act in July 2002. However this Act also prevents businesses to fully prosecute a hacker due to incompleteness. Any kind of commercially related crime can be duplicated as cyber crime. Therefore very little research appears or has been documented about cyber crime in South African companies before 2003. The motivation to do this study was
that businesses often loose millions in cyber attacks, not necessarily through direct theft but by the loss of service and damage to the image of the company. Most of the companies that were approached for interviews on cyber crime were reluctant to share the fact that they were hacked
or that cyber crime occurred at their company as it violates their security policies and may expose their fragile security platforms.
The purpose of this study was to attempt to get an overall view on how South African businesses are affected by cyber crime in the banking and short term insurance sector of the South African industry and also to determine what legislation exist in this country to protect them.
The case study approach was used to determine the affect of cyber crime on businesses like banks and insurance companies and higher education institutions. Each case was interviewed, monitored and was observed over a period of a year. This study discloses the evaluation of the results of how cyber crime affected the cases, which were part of this study. The banks and higher education institutions felt that they were at an increased risk both externally and internally, which is likely to increase as the migration towards electronic commerce occurs. The insurance industry felt that they are not yet affected by external cyber crime attacks in this country.
Resumo:
In the wake of the September 11 and subsequent terrorist attacks, the academic and media commentaries on 'Islam the religion' and 'Islam the basis for political ideology' has received an unprecedented high level of attention. This book deals with such questions as the nature of Islamism, the impact of the 'war on terror' on militancy, and more.
