Mitigate DoS and DDoS Attack in Ad Hoc Networks

This paper proposes a technique to defeat Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks in Ad Hoc Networks. The technique is divided into two main parts and with game theory and cryptographic puzzles. Introduced first is a new client puzzle to prevent DoS attacks in such networks. The second part presents a multiplayer game that takes place between the nodes of an ad hoc network and based on fundamental principles of game theory. By combining computational problems with puzzles, improvement occurs in the efficiency and latency of the communicating nodes and resistance in DoS and DDoS attacks. Experimental results show the effectiveness of the approach for devices with limited resources and for environments like ad hoc networks where nodes must exchange information quickly.

Oceans Deep: Lesson B (Shark Attack)

Teacher resources for Lesson B in the Discover Oceanography 'Scheme of Work' for use in schools.

Attack simulation based software protection assessment method

Software protection is an essential aspect of information security to withstand malicious activities on software, and preserving software assets. However, software developers still lacks a methodology for the assessment of the deployed protections. To solve these issues, we present a novel attack simulation based software protection assessment method to assess and compare various protection solutions. Our solution relies on Petri Nets to specify and visualize attack models, and we developed a Monte Carlo based approach to simulate attacking processes and to deal with uncertainty. Then, based on this simulation and estimation, a novel protection comparison model is proposed to compare different protection solutions. Lastly, our attack simulation based software protection assessment method is presented. We illustrate our method by means of a software protection assessment process to demonstrate that our approach can provide a suitable software protection assessment for developers and software companies.

Analysis of Automotive Cybersecurity - Attack surfaces and users’ privacy concerns

Modern automobiles are no longer just mechanical tools. The electronics and computing services they are shipping with are making them not less than a computer. They are massive kinetic devices with sophisticated computing power. Most of the modern vehicles are made with the added connectivity in mind which may be vulnerable to outside attack. Researchers have shown that it is possible to infiltrate into a vehicle’s internal system remotely and control the physical entities such as steering and brakes. It is quite possible to experience such attacks on a moving vehicle and unable to use the controls. These massive connected computers can be life threatening as they are related to everyday lifestyle. First part of this research studied the attack surfaces in the automotive cybersecurity domain. It also illustrated the attack methods and capabilities of the damages. Online survey has been deployed as data collection tool to learn about the consumers’ usage of such vulnerable automotive services. The second part of the research portrayed the consumers’ privacy in automotive world. It has been found that almost hundred percent of modern vehicles has the capabilities to send vehicle diagnostic data as well as user generated data to their manufacturers, and almost thirty five percent automotive companies are collecting them already. Internet privacy has been studies before in many related domain but no privacy scale were matched for automotive consumers. It created the research gap and motivation for this thesis. A study has been performed to use well established consumers privacy scale – IUIPC to match with the automotive consumers’ privacy situation. Hypotheses were developed based on the IUIPC model for internet consumers’ privacy and they were studied by the finding from the data collection methods. Based on the key findings of the research, all the hypotheses were accepted and hence it is found that automotive consumers’ privacy did follow the IUIPC model under certain conditions. It is also found that a majority of automotive consumers use the services and devices that are vulnerable and prone to cyber-attacks. It is also established that there is a market for automotive cybersecurity services and consumers are willing to pay certain fees to avail that.

Applied web traffic analysis for numerical encoding of SQL Injection attack features.

SQL Injection Attack (SQLIA) remains a technique used by a computer network intruder to pilfer an organisation’s confidential data. This is done by an intruder re-crafting web form’s input and query strings used in web requests with malicious intent to compromise the security of an organisation’s confidential data stored at the back-end database. The database is the most valuable data source, and thus, intruders are unrelenting in constantly evolving new techniques to bypass the signature’s solutions currently provided in Web Application Firewalls (WAF) to mitigate SQLIA. There is therefore a need for an automated scalable methodology in the pre-processing of SQLIA features fit for a supervised learning model. However, obtaining a ready-made scalable dataset that is feature engineered with numerical attributes dataset items to train Artificial Neural Network (ANN) and Machine Leaning (ML) models is a known issue in applying artificial intelligence to effectively address ever evolving novel SQLIA signatures. This proposed approach applies numerical attributes encoding ontology to encode features (both legitimate web requests and SQLIA) to numerical data items as to extract scalable dataset for input to a supervised learning model in moving towards a ML SQLIA detection and prevention model. In numerical attributes encoding of features, the proposed model explores a hybrid of static and dynamic pattern matching by implementing a Non-Deterministic Finite Automaton (NFA). This combined with proxy and SQL parser Application Programming Interface (API) to intercept and parse web requests in transition to the back-end database. In developing a solution to address SQLIA, this model allows processed web requests at the proxy deemed to contain injected query string to be excluded from reaching the target back-end database. This paper is intended for evaluating the performance metrics of a dataset obtained by numerical encoding of features ontology in Microsoft Azure Machine Learning (MAML) studio using Two-Class Support Vector Machines (TCSVM) binary classifier. This methodology then forms the subject of the empirical evaluation.

Early analysis of fault-attack effects for cryptographic hardware

International audience

Patterns of Play in the Fast attack of F. C. Barcelona, Manchester United and F. C. Internazionale Milano: a Mixed Method Approach

This study aimed to detect and analyse regular patterns of play in fast attack of football teams, through the combination of the sequential analysis technique and semi-structured interviews to experienced first League Portuguese coaches. The sample included 36 games (12 games of the respective national leagues per team) of the F.C. Barcelona, Inter Milan, and Manchester United teams that were coded with the observational instrument tool developed by Sarmento et al. (2010) and the data analysed through sequential analysis with the software SDIS-GSEQ 5.0. Based on the detected patterns, semi-structured interviews were carried out to 8 expert high-performance football coaches and data were analysed through the content analysis technique using the software NVivo 10. The detected patterns of play revealed specific characteristics of the teams under study. The combination of the results of sequential analysis with the qualitative interviews to the professional coaches proved to be very fruitful in this game the analysis of scope, allowing reconcile scientific knowledge with practical interpretation of coaches who develop their tasks in the field.

Observer, Analyser et Gérer la variabilité de la reproduction et du recrutement de l’huître creuse en France : Le Réseau Velyger. Rapport annuel 2015

La conchyliculture, et principalement l’élevage de l’huître creuse, Crassostrea gigas, constitue la principale activité aquacole française. Cette activité repose, en grande partie, sur le recrutement naturel de l’espèce qui assure 60 à 70% des besoins en jeunes huîtres (naissain) : cette activité de collecte s’appelle le captage. Les deux principaux centres de captage en France sont les bassins d’Arcachon et de Marennes-Oléron. Or, depuis une dizaine d'années, sur le bassin d'Arcachon, le captage devient très variable: à des années de captage nul (par exemple 2002, 2005, 2007) ou faible (2009, 2010, 2011) succèdent des années excellentes voire pléthoriques (2003, 2006, 2008, 2012, 2014). A Marennes-Oléron, cette variabilité existe, mais s’avère beaucoup moins marquée. En outre, à la faveur du lent réchauffement des eaux, le captage peut désormais se pratiquer de plus en plus vers le nord. Ainsi, la baie de Bourgneuf, mais aussi la rade de Brest sont devenues, depuis quelques années, des secteurs où un nombre croissant d’ostréiculteurs pratiquent le captage avec succès, mais avec, là aussi, des irrégularités dans le recrutement qu’il convient de comprendre. Enfin, depuis la crise des mortalités de 2008, il se développe aussi sur la lagune de Thau une volonté de pratiquer le captage. Afin de mieux comprendre les facteurs de variations du captage, l’Ifremer a mis en place, à la demande du Comité National de la Conchyliculture, un réseau national de suivi de la reproduction : le Réseau Velyger. Créé en 2008 sur financements européens et financé désormais par la Direction des Pêches Maritimes et de l’Aquaculture, ce réseau apporte, chaque année, sur les écosystèmes cités précédemment, une série d’indicateurs biologiques (maturation, fécondité, date de ponte, abondance et survie larvaire, intensité du recrutement, survie du naissain) dont l’analyse croisée avec des indicateurs hydrologiques et climatiques permet progressivement de mieux appréhender les causes de variabilité du recrutement de l’huître creuse en France, modèle biologique et espèce clé de la conchyliculture française. Ce rapport présente donc les résultats 2015 de ce réseau d’observation et fait appel, pour la partie hydro-climatique, à des données acquises par d’autres réseaux régionaux et nationaux. Il détaille et analyse par site toutes les caractéristiques du cycle de reproduction de l’huître creuse : maturation et fécondité des adultes, période de ponte, abondance et survie des larves, intensité du captage et mortalités précoces. Il fournit ensuite une interprétation et une synthèse des résultats 2015 à la lueur des résultats des années antérieures. Ainsi, pour l’année 2015, on retient les faits majeurs suivants : • Sur le plan hydro-climatique, cette année se caractérise par un hiver doux et un printemps dans les normales, suivis d’un été là aussi très proches des normales à quelques exceptions près : l’étang de Thau affiche tout au long de l’été des températures largement excédentaires. Compte tenu d’une pluviométrie là aussi proche des normales, les concentrations en phytoplancton sont restées à un niveau moyen de la rade de Brest aux pertuis charentais et plutôt déficitaires dans le bassin d’Arcachon et la lagune de Thau. • En termes de biologie, ces conditions hydro-climatiques se sont traduites, chez les populations d’huîtres adultes, par des indices de condition, proxy de la fécondité, généralement proches des moyennes, avec toujours l’existence d’un gradient nord-sud observé chaque année, corrélativement à la concentration en phytoplancton. En outre, l’absence d’excédent thermique au printemps et en début d’été n’a pas permis de ponte précoce (à l’exception de la lagune de Thau), elle a même été plutôt tardive surtout dans le bassin d’Arcachon. • Sur la façade atlantique, les températures de l’eau lors du développement larvaire des principales cohortes ont été plutôt basses (inférieures à 20°C en rade de Brest et inférieures à 21°C ailleurs) et donc la vitesse de croissance larvaire a été ralentie et la survie amoindrie. Les rendements larvaires ont été effectivement très bas (e.g. 0,002 % à Arcachon). In fine, il y a eu peu de larves grosses dans l’eau, ce qui s’est traduit par un captage faible à modéré. Une exception tout de même : dans la lagune de Thau, les températures caniculaires tout au long de l’été ont permis une concentration moyenne de larves ‘grosses’ modérée (80 larves/1,5m3). Cependant, les méthodes et les techniques de captage sont encore en cours d’optimisation sur ce secteur et cette année, malgré cette présence de larves grosses, le captage est resté faible (< 10 naissains par coupelle à l’automne). • En conséquence, l’année 2015, se caractérise par un captage globalement « faible à modéré » dans tous les secteurs s’échelonnant autour de 10 naissains/coupelle dans la lagune de Thau et en baie de Bourgneuf à plus de 200 naissains/coupelle dans les pertuis charentais. Enfin, à partir de l’ensemble des résultats acquis depuis 2008, ce rapport fournit en conclusion une série de recommandations à prendre en compte pour préserver le captage dans les années à venir.

Cyber security in home and small office local area networks - Attack vectors and vulnerabilities

This thesis presents security issues and vulnerabilities in home and small office local area networks that can be used in cyber-attacks. There is previous research done on single vulnerabilities and attack vectors, but not many papers present full scale attack examples towards LAN. First this thesis categorizes different security threads and later in the paper methods to launch the attacks are shown by example. Offensive security and penetration testing is used as research methods in this thesis. As a result of this thesis an attack is conducted using vulnerabilities in WLAN, ARP protocol, browser as well as methods of social engineering. In the end reverse shell access is gained to the target machine. Ready-made tools are used in the attack and their inner workings are described. Prevention methods are presented towards the attacks in the end of the thesis.

A randomised controlled trial of triple antiplatelet therapy (Aspirin, Clopidogrel and Dipyridamole) in the secondary prevention of stroke: safety, tolerability and feasibility

Background: Aspirin, dipyridamole and clopidogrel are effective in secondary vascular prevention. Combination therapy with three antiplatelet agents might maximise the benefit of antiplatelet treatment in the secondary prevention of ischaemic stroke. Methodology/Principal Findings: A randomised, parallel group, observer-blinded phase II trial compared the combination of aspirin, clopidogrel and dipyridamole with aspirin alone. Adult patients with ischaemic stroke or transient ischaemic attack (TIA) within 5 years were included. The primary outcome was tolerability to treatment assessed as the number of patients completing randomised treatment. Recruitment was halted prematurely after publication of the ESPRIT trial (which confirmed that combined aspirin and dipyridamole is more effective than aspirin alone). 17 patients were enrolled: male 12 (71%), mean age 62 (SD 13) years, lacunar stroke syndrome 12 (71%), median stroke/TIA onset to randomisation 8 months. Treatment was discontinued in 4 of 9 (44%) patients receiving triple therapy vs. none of 8 taking aspirin (p = 0.08). One recurrent stroke occurred in a patient in the triple group who was noncompliant of all antiplatelet medications. The number of patients with adverse events and bleeding complications, and their severity, were significantly greater in the triple therapy group (p,0.01). Conclusions/Significance: Long term triple antiplatelet therapy was asociated with a significant increase in adverse events and bleeding rates, and their severity, and a trend to increased discontinuations. However, the patients had a low risk of recurrence and future trials should focus on short term therapy in high risk patients characterised by a very recent event or failure of dual antiplatelet therapy.

A risk model with an observer in a Markov environment

We consider a spectrally-negative Markov additive process as a model of a risk process in a random environment. Following recent interest in alternative ruin concepts, we assume that ruin occurs when an independent Poissonian observer sees the process as negative, where the observation rate may depend on the state of the environment. Using an approximation argument and spectral theory, we establish an explicit formula for the resulting survival probabilities in this general setting. We also discuss an efficient evaluation of the involved quantities and provide a numerical illustration.

Observer la pêche et les ressources pour mieux les préserver

Cette plaquette de communication présente le Système d'Informations Halieutiques de l'Ifremer. Elle est destinée au grand public, aux acteurs du système pêche ainsi qu'aux potentiels utilisateurs des données collectées dans le cadre de ce réseau scientifique national. Elle donne des éléments d'informations sur : - l'Ifremer et ses missions - le Système d'Informations Halieutiques de l'Ifremer - les finalités de l'observation - les données collectées et les méthodes d'observation - le rôle de l'Ifremer notamment dans les processus de décision

Flow around a hemisphere-cylinder at high angle of attack and low Reynolds number. Part II: POD and DMD applied to reduced domains

Three-dimensional direct numerical simulations (DNS) have been performed on a finite-size hemispherecylinder model at angle of attack AoA = 20◦ and Reynolds numbers Re = 350 and 1000. Under these conditions, massive separation exists on the nose and lee-side of the cylinder, and at both Reynolds numbers the flow is found to be unsteady. Proper orthogonal decomposition (POD) and dynamic mode decomposition (DMD) are employed in order to study the primary instability that triggers unsteadiness at Re = 350. The dominant coherent flow structures identified at the lower Reynolds number are also found to exist at Re = 1000; the question is then posed whether the flow oscillations and structures found at the two Reynolds numbers are related. POD and DMD computations are performed using different subdomains of the DNS computational domain. Besides reducing the computational cost of the analyses, this also permits to isolate spatially localized oscillatory structures from other, more energetic structures present in the flow. It is found that POD and DMD are in general sensitive to domain truncation and noneducated choices of the subdomain may lead to inconsistent results. Analyses at Re = 350 show that the primary instability is related to the counter rotating vortex pair conforming the three-dimensional afterbody wake, and characterized by the frequency St ≈ 0.11, in line with results in the literature. At Re = 1000, vortex-shedding is present in the wake with an associated broadband spectrum centered around the same frequency. The horn/leeward vortices at the cylinder lee-side, upstream of the cylinder base, also present finite amplitude oscillations at the higher Reynolds number. The spatial structure of these oscillations, described by the POD modes, is easily differentiated from that of the wake oscillations. Additionally, the frequency spectra associated with the lee-side vortices presents well defined peaks, corresponding to St ≈ 0.11 and its few harmonics, as opposed to the broadband spectrum found at the wake.