903 resultados para Fatal attacks


Relevância:

20.00% 20.00%

Publicador:

Resumo:

Denial-of-service attacks (DoS) and distributed denial-of-service attacks (DDoS) attempt to temporarily disrupt users or computer resources to cause service un- availability to legitimate users in the internetworking system. The most common type of DoS attack occurs when adversaries °ood a large amount of bogus data to interfere or disrupt the service on the server. The attack can be either a single-source attack, which originates at only one host, or a multi-source attack, in which multiple hosts coordinate to °ood a large number of packets to the server. Cryptographic mechanisms in authentication schemes are an example ap- proach to help the server to validate malicious tra±c. Since authentication in key establishment protocols requires the veri¯er to spend some resources before successfully detecting the bogus messages, adversaries might be able to exploit this °aw to mount an attack to overwhelm the server resources. The attacker is able to perform this kind of attack because many key establishment protocols incorporate strong authentication at the beginning phase before they can iden- tify the attacks. This is an example of DoS threats in most key establishment protocols because they have been implemented to support con¯dentiality and data integrity, but do not carefully consider other security objectives, such as availability. The main objective of this research is to design denial-of-service resistant mechanisms in key establishment protocols. In particular, we focus on the design of cryptographic protocols related to key establishment protocols that implement client puzzles to protect the server against resource exhaustion attacks. Another objective is to extend formal analysis techniques to include DoS- resistance. Basically, the formal analysis approach is used not only to analyse and verify the security of a cryptographic scheme carefully but also to help in the design stage of new protocols with a high level of security guarantee. In this research, we focus on an analysis technique of Meadows' cost-based framework, and we implement DoS-resistant model using Coloured Petri Nets. Meadows' cost-based framework is directly proposed to assess denial-of-service vulnerabil- ities in the cryptographic protocols using mathematical proof, while Coloured Petri Nets is used to model and verify the communication protocols using inter- active simulations. In addition, Coloured Petri Nets are able to help the protocol designer to clarify and reduce some inconsistency of the protocol speci¯cation. Therefore, the second objective of this research is to explore vulnerabilities in existing DoS-resistant protocols, as well as extend a formal analysis approach to our new framework for improving DoS-resistance and evaluating the performance of the new proposed mechanism. In summary, the speci¯c outcomes of this research include following results; 1. A taxonomy of denial-of-service resistant strategies and techniques used in key establishment protocols; 2. A critical analysis of existing DoS-resistant key exchange and key estab- lishment protocols; 3. An implementation of Meadows's cost-based framework using Coloured Petri Nets for modelling and evaluating DoS-resistant protocols; and 4. A development of new e±cient and practical DoS-resistant mechanisms to improve the resistance to denial-of-service attacks in key establishment protocols.

Relevância:

20.00% 20.00%

Publicador:

Resumo:

Aims: The Rural and Remote Road Safety Study (RRRSS) addresses a recognised need for greater research on road trauma in rural and remote Australia, the costs of which are disproportionately high compared with urban areas. The 5-year multi-phase study with whole-of-government support concluded in June 2008. Drawing on RRRSS data, we analysed fatal motorcycle crashes which occurred over 39 months to provide a description of crash characteristics, contributing factors and people involved. The descriptive analysis and discussion may inform development of tailored motorcycle safety interventions. Methods: RRRSS criteria sought vehicle crashes resulting in death or hospitalisation for 24 hours minimum of at least 1 person aged 16 years or over, in the study area defined roughly as the Queensland area north from Bowen in the east and Boulia in the west (excluding Townsville and Cairns urban areas). Fatal motorcycle crashes were selected from the RRRSS dataset. Analysis considered medical data covering injury types and severity, evidence of alcohol, drugs and prior medical conditions, as well as crash descriptions supplied by police to Queensland Transport on contributing circumstances, vehicle types, environmental conditions and people involved. Crash data were plotted in a geographic information system (MapInfo) for spatial analysis. Results: There were 23 deaths from 22 motorcycle crashes on public roads meeting RRRSS criteria. Of these, half were single vehicle crashes and half involved 2 or more vehicles. In contrast to general patterns for driver/rider age distribution in crashes, riders below 25 years of age were represented proportionally within the population. Riders in their thirties comprised 41% of fatalities, with a further 36% accounted for by riders in their fifties. 18 crashes occurred in the Far North Statistical Division (SD), with 2 crashes in both the Northern and North West SDs. Behavioural factors comprised the vast majority of contributing circumstances cited by police, with adverse environmental conditions noted in only 4 cases. Conclusions: Fatal motorcycle crashes were more likely to involve another vehicle and less likely to involve a young rider than non-fatal crashes recorded by the RRRSS. Rider behaviour contributed to the majority of crashes and should be a major focus of research, education and policy development, while other road users’ behaviour and awareness also remains important. With 68% of crashes occurring on major and secondary roads within a 130km radius of Cairns, efforts should focus on this geographic area.

Relevância:

20.00% 20.00%

Publicador:

Resumo:

A strong designated verifier signature scheme makes it possible for a signer to convince a designated verifier that she has signed a message in such a way that the designated verifier cannot transfer the signature to a third party, and no third party can even verify the validity of a designated verifier signature. We show that anyone who intercepts one signature can verify subsequent signatures in Zhang-Mao ID-based designated verifier signature scheme and Lal-Verma ID-based designated verifier proxy signature scheme. We propose a new and efficient ID-based designated verifier signature scheme that is strong and unforgeable. As a direct corollary, we also get a new efficient ID-based designated verifier proxy signature scheme.

Relevância:

20.00% 20.00%

Publicador:

Resumo:

While it is uncontested that the medical profession makes a valuable contribution to society, doctors should not always be beyond the reach of the criminal law and they should not automatically be treated as God. Doctors should act reasonably and be conscious of their position of trust. In this sense, the notion of “doctors” is construed broadly to include a range of health care professionals such as podiatrists, radiographers, surgeons and general practitioners. This paper will explore contemporary Australian examples where doctors have acted inappropriately and been convicted of non-fatal offences against the person. The physical invasiveness involved in these scenarios varies significantly. In one example, a doctor penetrates a patient’s private body part with a probe for their own sexual gratification, and in another, a doctor covertly visually records a naked patient. The examples will be connected to the theories underpinning criminalisation, particularly social welfare and individual autonomy, with a view to framing guidelines on when doctors should not be immune from non-fatal offences against a person, and thus where the criminal law should respond.

Relevância:

20.00% 20.00%

Publicador:

Resumo:

Alzaid et al. proposed a forward & backward secure key management scheme in wireless sensor networks for Process Control Systems (PCSs) or Supervisory Control and Data Acquisition (SCADA) systems. The scheme, however, is still vulnerable to an attack called the sandwich attack that can be launched when the adversary captures two sensor nodes at times t1 and t2, and then reveals all the group keys used between times t1 and t2. In this paper, a fix to the scheme is proposed in order to limit the vulnerable time duration to an arbitrarily chosen time span while keeping the forward and backward secrecy of the scheme untouched. Then, the performance analysis for our proposal, Alzaid et al.’s scheme, and Nilsson et al.’s scheme is given.

Relevância:

20.00% 20.00%

Publicador:

Resumo:

Distributed Denial of Services DDoS, attacks has become one of the biggest threats for resources over Internet. Purpose of these attacks is to make servers deny from providing services to legitimate users. These attacks are also used for occupying media bandwidth. Currently intrusion detection systems can just detect the attacks but cannot prevent / track the location of intruders. Some schemes also prevent the attacks by simply discarding attack packets, which saves victim from attack, but still network bandwidth is wasted. In our opinion, DDoS requires a distributed solution to save wastage of resources. The paper, presents a system that helps us not only in detecting such attacks but also helps in tracing and blocking (to save the bandwidth as well) the multiple intruders using Intelligent Software Agents. The system gives dynamic response and can be integrated with the existing network defense systems without disturbing existing Internet model. We have implemented an agent based networking monitoring system in this regard.

Relevância:

20.00% 20.00%

Publicador:

Resumo:

To date, most applications of algebraic analysis and attacks on stream ciphers are on those based on lin- ear feedback shift registers (LFSRs). In this paper, we extend algebraic analysis to non-LFSR based stream ciphers. Specifically, we perform an algebraic analysis on the RC4 family of stream ciphers, an example of stream ciphers based on dynamic tables, and inves- tigate its implications to potential algebraic attacks on the cipher. This is, to our knowledge, the first pa- per that evaluates the security of RC4 against alge- braic attacks through providing a full set of equations that describe the complex word manipulations in the system. For an arbitrary word size, we derive alge- braic representations for the three main operations used in RC4, namely state extraction, word addition and state permutation. Equations relating the inter- nal states and keystream of RC4 are then obtained from each component of the cipher based on these al- gebraic representations, and analysed in terms of their contributions to the security of RC4 against algebraic attacks. Interestingly, it is shown that each of the three main operations contained in the components has its own unique algebraic properties, and when their respective equations are combined, the resulting system becomes infeasible to solve. This results in a high level of security being achieved by RC4 against algebraic attacks. On the other hand, the removal of an operation from the cipher could compromise this security. Experiments on reduced versions of RC4 have been performed, which confirms the validity of our algebraic analysis and the conclusion that the full RC4 stream cipher seems to be immune to algebraic attacks at present.

Relevância:

20.00% 20.00%

Publicador:

Resumo:

Stream ciphers are encryption algorithms used for ensuring the privacy of digital telecommunications. They have been widely used for encrypting military communications, satellite communications, pay TV encryption and for voice encryption of both fixed lined and wireless networks. The current multi year European project eSTREAM, which aims to select stream ciphers suitable for widespread adoptation, reflects the importance of this area of research. Stream ciphers consist of a keystream generator and an output function. Keystream generators produce a sequence that appears to be random, which is combined with the plaintext message using the output function. Most commonly, the output function is binary addition modulo two. Cryptanalysis of these ciphers focuses largely on analysis of the keystream generators and of relationships between the generator and the keystream it produces. Linear feedback shift registers are widely used components in building keystream generators, as the sequences they produce are well understood. Many types of attack have been proposed for breaking various LFSR based stream ciphers. A recent attack type is known as an algebraic attack. Algebraic attacks transform the problem of recovering the key into a problem of solving multivariate system of equations, which eventually recover the internal state bits or the key bits. This type of attack has been shown to be effective on a number of regularly clocked LFSR based stream ciphers. In this thesis, algebraic attacks are extended to a number of well known stream ciphers where at least one LFSR in the system is irregularly clocked. Applying algebriac attacks to these ciphers has only been discussed previously in the open literature for LILI-128. In this thesis, algebraic attacks are first applied to keystream generators using stop-and go clocking. Four ciphers belonging to this group are investigated: the Beth-Piper stop-and-go generator, the alternating step generator, the Gollmann cascade generator and the eSTREAM candidate: the Pomaranch cipher. It is shown that algebraic attacks are very effective on the first three of these ciphers. Although no effective algebraic attack was found for Pomaranch, the algebraic analysis lead to some interesting findings including weaknesses that may be exploited in future attacks. Algebraic attacks are then applied to keystream generators using (p; q) clocking. Two well known examples of such ciphers, the step1/step2 generator and the self decimated generator are investigated. Algebraic attacks are shown to be very powerful attack in recovering the internal state of these generators. A more complex clocking mechanism than either stop-and-go or the (p; q) clocking keystream generators is known as mutual clock control. In mutual clock control generators, the LFSRs control the clocking of each other. Four well known stream ciphers belonging to this group are investigated with respect to algebraic attacks: the Bilateral-stop-and-go generator, A5/1 stream cipher, Alpha 1 stream cipher, and the more recent eSTREAM proposal, the MICKEY stream ciphers. Some theoretical results with regards to the complexity of algebraic attacks on these ciphers are presented. The algebraic analysis of these ciphers showed that generally, it is hard to generate the system of equations required for an algebraic attack on these ciphers. As the algebraic attack could not be applied directly on these ciphers, a different approach was used, namely guessing some bits of the internal state, in order to reduce the degree of the equations. Finally, an algebraic attack on Alpha 1 that requires only 128 bits of keystream to recover the 128 internal state bits is presented. An essential process associated with stream cipher proposals is key initialization. Many recently proposed stream ciphers use an algorithm to initialize the large internal state with a smaller key and possibly publicly known initialization vectors. The effect of key initialization on the performance of algebraic attacks is also investigated in this thesis. The relationships between the two have not been investigated before in the open literature. The investigation is conducted on Trivium and Grain-128, two eSTREAM ciphers. It is shown that the key initialization process has an effect on the success of algebraic attacks, unlike other conventional attacks. In particular, the key initialization process allows an attacker to firstly generate a small number of equations of low degree and then perform an algebraic attack using multiple keystreams. The effect of the number of iterations performed during key initialization is investigated. It is shown that both the number of iterations and the maximum number of initialization vectors to be used with one key should be carefully chosen. Some experimental results on Trivium and Grain-128 are then presented. Finally, the security with respect to algebraic attacks of the well known LILI family of stream ciphers, including the unbroken LILI-II, is investigated. These are irregularly clock- controlled nonlinear filtered generators. While the structure is defined for the LILI family, a particular paramater choice defines a specific instance. Two well known such instances are LILI-128 and LILI-II. The security of these and other instances is investigated to identify which instances are vulnerable to algebraic attacks. The feasibility of recovering the key bits using algebraic attacks is then investigated for both LILI- 128 and LILI-II. Algebraic attacks which recover the internal state with less effort than exhaustive key search are possible for LILI-128 but not for LILI-II. Given the internal state at some point in time, the feasibility of recovering the key bits is also investigated, showing that the parameters used in the key initialization process, if poorly chosen, can lead to a key recovery using algebraic attacks.

Relevância:

20.00% 20.00%

Publicador:

Resumo:

Secret-sharing schemes describe methods to securely share a secret among a group of participants. A properly constructed secret-sharing scheme guarantees that the share belonging to one participant does not reveal anything about the shares of others or even the secret itself. Besides being used to distribute a secret, secret-sharing schemes have also been used in secure multi-party computations and redundant residue number systems for error correction codes. In this paper, we propose that the secret-sharing scheme be used as a primitive in a Network-based Intrusion Detection System (NIDS) to detect attacks in encrypted Networks. Encrypted networks such as Virtual Private Networks (VPNs) fully encrypt network traffic which can include both malicious and non-malicious traffic. Traditional NIDS cannot monitor such encrypted traffic. We therefore describe how our work uses a combination of Shamir's secret-sharing scheme and randomised network proxies to enable a traditional NIDS to function normally in a VPN environment.

Relevância:

20.00% 20.00%

Publicador:

Resumo:

This paper presents findings from the rural and remote road safety study, conducted in Queensland, Australia, from March 2004 till June 2007, and compares fatal crashes and non-fatal but serious crashes in respect of their environmental, vehicle and operator factors. During the study period there were 613 non-fatal crashes resulting in 684 hospitalised casualties and 119 fatal crashes resulting in 130 fatalities. Additional information from police sources was available on 103 fatal and 309 non-fatal serious crashes. Over three quarters of both fatal and hospitalised casualties were male and the median age in both groups was 34 years. Fatal crashes were more likely to involve speed, alcohol and violations of road rules and fatal crash victims were 2 and a 1/2 times more likely to be unrestrained inside the vehicle than non-fatal casualties, consistent with current international evidence. After controlling for human factors, vehicle and road conditions made a minimal contribution to the seriousness of the crash outcome. Targeted interventions to prevent fatalities on rural and remote roads should focus on reducing speed and drink driving and promoting seatbelt wearing.

Relevância:

20.00% 20.00%

Publicador:

Resumo:

The rural two-lane highway in the southeastern United States is frequently associated with a disproportionate number of serious and fatal crashes and as such remains a focus of considerable safety research. The Georgia Department of Transportation spearheaded a regional fatal crash analysis to identify various safety performances of two-lane rural highways and to offer guidance for identifying suitable countermeasures with which to mitigate fatal crashes. The fatal crash data used in this study were compiled from Alabama, Georgia, Mississippi, and South Carolina. The database, developed for an earlier study, included 557 randomly selected fatal crashes from 1997 or 1998 or both (this varied by state). Each participating state identified the candidate crashes and performed physical or video site visits to construct crash databases with enhance site-specific information. Motivated by the hypothesis that single- and multiple-vehicle crashes arise from fundamentally different circumstances, the research team applied binary logit models to predict the probability that a fatal crash is a single-vehicle run-off-road fatal crash given roadway design characteristics, roadside environment features, and traffic conditions proximal to the crash site. A wide variety of factors appears to influence or be associated with single-vehicle fatal crashes. In a model transferability assessment, the authors determined that lane width, horizontal curvature, and ambient lighting are the only three significant variables that are consistent for single-vehicle run-off-road crashes for all study locations.