934 resultados para distributed denial-of-service attack
Resumo:
International audience
Resumo:
Particular strengths of the MRC Needs for Care Assessment Schedule have been used to investigate the treatment status of patients with persistent psychiatric disability in ways that other needs assessment tools are unable to. One hundred and seventy-nine such patients from three settings; a private sector psychiatric hospital, two public sector day hospitals situated in the same town, and a high security hospital, were found to have a high level of need. Although there were differences between settings, overall these needs were well met in all three. The high level of persistent disability found amongst these patients could not be attributed to failure on the part of those treating them to use the best available methods, or to failures to comply or engage with treatment on the patient's part. In some two thirds of instances persistent disability was best explained by the fact that even the most suitable available treatments have to be considered only partially effective.
Resumo:
Ensuring the security of computers is a non-trivial task, with many techniques used by malicious users to compromise these systems. In recent years a new threat has emerged in the form of networks of hijacked zombie machines used to perform complex distributed attacks such as denial of service and to obtain sensitive data such as password information. These zombie machines are said to be infected with a dasiahotpsila - a malicious piece of software which is installed on a host machine and is controlled by a remote attacker, termed the dasiabotmaster of a botnetpsila. In this work, we use the biologically inspired dendritic cell algorithm (DCA) to detect the existence of a single hot on a compromised host machine. The DCA is an immune-inspired algorithm based on an abstract model of the behaviour of the dendritic cells of the human body. The basis of anomaly detection performed by the DCA is facilitated using the correlation of behavioural attributes such as keylogging and packet flooding behaviour. The results of the application of the DCA to the detection of a single hot show that the algorithm is a successful technique for the detection of such malicious software without responding to normally running programs.
Resumo:
Buses are considered a slow, low comfort and low reliability transport system, thus its negative and por image. In the framework of the 3iBS project (2012), several examples of innovative and/or effective solutions regarding the Level of Service (LoS) were analysed aiming to provide operators, practitioners and policy makers with a set of Good Practice Guidelines to strengthen the competitiveness of the bus in the urban environment. The identification of the key indicators regarding vehicles, infrastructure and operation was possible through the analysis of a set of case studies -among which Barcelona (Spain), Cagliari (Italy), London (United Kingdom), Paris and Nantes (France). A cross comparison between the case studies was carried out for contrasting the level of achievement of the different criteria considered. The information provided on Regulatory, Financial and Technical issues allows the identification of a number of specific factors influencing the implementation of a high quality transport scheme, and set the basis for the elaboration of a set of Guidelines for the implementation of an intelligent, innovative and integrated bus system, including the main barriers to be tackled.
Resumo:
Smart grid constrained optimal control is a complex issue due to the constant growth of grid complexity and the large volume of data available as input to smart device control. In this context, traditional centralized control paradigms may suffer in terms of the timeliness of optimization results due to the volume of data to be processed and the delayed asynchronous nature of the data transmission. To address these limits of centralized control, this paper presents a coordinated, distributed algorithm based on distributed, local controllers and a central coordinator for exchanging summarized global state information. The proposed model for exchanging global state information is resistant to fluctuations caused by the inherent interdependence between local controllers, and is robust to delays in information exchange. In addition, the algorithm features iterative refinement of local state estimations that is able to improve local controller ability to operate within network constraints. Application of the proposed coordinated, distributed algorithm through simulation shows its effectiveness in optimizing a global goal within a complex distribution system operating under constraints, while ensuring network operation stability under varying levels of information exchange delay, and with a range of network sizes.
Resumo:
In this thesis, we have identified a novel attack in OppNets, a special type of packet dropping attack where the malicious node(s) drops one or more packets (not all the packets) and then injects new fake packets instead. We name this novel attack as the Catabolism attack and propose a novel attack detection and traceback approach against this attack referred to as the Anabolism defence. As part of the Anabolism defence approach we have proposed three techniques: time-based, Merkle tree based and Hash chain based techniques for attack detection and malicious node(s) traceback. We provide mathematical models that show our novel detection and traceback mechanisms to be very effective and detailed simulation results show our defence mechanisms to achieve a very high accuracy and detection rate.
Resumo:
Opportunistic Networks aim to set a reliable networks where the nodes has no end-To-end connection and the communication links often suffer from frequent disruption and long delays. The design of the OppNets routing protocols is facing a serious challenges such as the protection of the data confidentiality and integrity. OppNets exploit the characteristics of the human social, such as similarities, daily routines, mobility patterns and interests to perform the message routing and data sharing. Packet dropping attack is one of the hardest attacks in Opportunistic Networks as both the source nodes and the destination nodes have no knowledge of where or when the packet will be dropped. In this paper, we present a new malicious nodes detection technique against packet faking attack where the malicious node drops one or more packets and instead of them injects new fake packets. We have called this novel attack in our previous works a packet faking attack. Each node in Opportunistic Networks can detect and then traceback the malicious nodes based on a solid and powerful idea that is, hash chain techniques. In our hash chain based defense techniques we have two phases. The first phases is to detect the attack, and the second phases is to find the malicious nodes. We have compared our approach with the acknowledgement based mechanisms and the networks coding based mechanism which are well known approaches in the literature. In our simulation, we have achieved a very high node detection accuracy and low false negative rate.
Resumo:
Purpose: The increased involvement of customers in their experience is a reality for all service organisations. The purpose of this paper is to explore the way organisations collaborate with customers to facilitate consumption of cultural experiences through the lens of co-production. Although organisations are typically an integral part of the co-production process, co-production is typically considered from a consumer angle. Aligned with the service ecosystem perspective and value-in-cultural context, this research aims to provide greater insight into the processes and resources that institutions apply to co-produce experiences with consumers and the drivers and inhibitors of such processes. Design/methodology/approach: Case study research with three exemplar organisations, using in-depth interviews with key informants was used to investigate the processes organisations follow in co-producing the service experience with customers, as well as the drivers and inhibitors of organisational co-production of the service experience in the cultural sector. Findings: The findings illuminate that cultural organisations are co-producing the service experience with their customers, as revealed through a number of key processes: inviting customers to actively participate in the experience, engaging customers and supporting customers in the co-production of the experience. Increasingly demanding consumers and a changing competitive landscape are strong external drivers of co-production. Visionary leadership and consumer-focussed employees are internal factors impelling organisations to co-produce experiences with consumers. A strong curatorial orientation, complex organisational structure, employee attitude and capability gaps and funding constraints are impediments towards organisations co-producing experiences with consumers. Originality/value: This paper addresses a gap in Service-Dominant logic theory, arts/cultural marketing and broader services marketing literature by proposing a broadened conceptualisation of co-production of the service experience. This conceptualisation can be used as a platform to derive strategic imperatives for managers of service organisations. The findings highlight the key practices and resources that are central to organisations co-producing experience with customers. In this way, greater understanding of institutional logics and practices that underpin experience co-production emerges.
Resumo:
No framework that provides practical approach for the assessment of quality of service level offered by digital libraries exists.This thesis aims to address this gap. The thesis develops a service level agreement (SLA) based mechanisms for the digital libraries to measure and assess the quality of service they deliver to their customers. An SLA is a formal contract between the digital content providers and the digital library consumers.
Resumo:
Background. Health literacy is the ability to access, understand, and use information and services for good health. Among people with chronic conditions, health literacy requirements for effective self-management are high. The Optimising Health Literacy and Access (Ophelia) study engaged diverse organisations in the codesign of interventions involving the Health Literacy Questionnaire (HLQ) needs assessment, followed by development and evaluation of interventions addressing identified needs. This study reports the process and outcomes of one of the nine organisations, the Royal District Nursing Service (RDNS).
Methods. Participants were home nursing clients with diabetes. The intervention included tailored diabetes self-management education according to preferred learning style, a standardised diabetes education tool, resources, and teach-back method.
Results. Needs analysis of 113 quota-sampled clients showed difficulties managing health and finding and appraising health information. The service-wide diabetes education intervention was applied to 24 clients. The intervention was well received by clients and nurses. Positive impacts on clients' diabetes knowledge and behaviour were seen and nurses reported clear benefits to their practice.
Conclusion. A structured method that supports healthcare services to codesign interventions that respond to the health literacy needs of their clients can lead to evidence-informed, sustainable practice changes that support clients to better understand effective diabetes self-management.
Resumo:
Just Fast Keying (JFK) is a simple, efficient and secure key exchange protocol proposed by Aiello et al. (ACM TISSEC, 2004). JFK is well known for its novel design features, notably its resistance to denial-of-service (DoS) attacks. Using Meadows’ cost-based framework, we identify a new DoS vulnerability in JFK. The JFK protocol is claimed secure in the Canetti-Krawczyk model under the Decisional Diffie-Hellman (DDH) assumption. We show that security of the JFK protocol, when reusing ephemeral Diffie-Hellman keys, appears to require the Gap Diffie-Hellman (GDH) assumption in the random oracle model. We propose a new variant of JFK that avoids the identified DoS vulnerability and provides perfect forward secrecy even under the DDH assumption, achieving the full security promised by the JFK protocol.
Resumo:
Client puzzles are cryptographic problems that are neither easy nor hard to solve. Most puzzles are based on either number theoretic or hash inversions problems. Hash-based puzzles are very efficient but so far have been shown secure only in the random oracle model; number theoretic puzzles, while secure in the standard model, tend to be inefficient. In this paper, we solve the problem of constucting cryptographic puzzles that are secure int he standard model and are very efficient. We present an efficient number theoretic puzzle that satisfies the puzzle security definition of Chen et al. (ASIACRYPT 2009). To prove the security of our puzzle, we introduce a new variant of the interval discrete logarithm assumption which may be of independent interest, and show this new problem to be hard under reasonable assumptions. Our experimental results show that, for 512-bit modulus, the solution verification time of our proposed puzzle can be up to 50x and 89x faster than the Karame-Capkum puzzle and the Rivest et al.'s time-lock puzzle respectively. In particular, the solution verification tiem of our puzzle is only 1.4x slower than that of Chen et al.'s efficient hash based puzzle.
Resumo:
Availability has become a primary goal of information security and is as significant as other goals, in particular, confidentiality and integrity. Maintaining availability of essential services on the public Internet is an increasingly difficult task in the presence of sophisticated attackers. Attackers may abuse limited computational resources of a service provider and thus managing computational costs is a key strategy for achieving the goal of availability. In this thesis we focus on cryptographic approaches for managing computational costs, in particular computational effort. We focus on two cryptographic techniques: computational puzzles in cryptographic protocols and secure outsourcing of cryptographic computations. This thesis contributes to the area of cryptographic protocols in the following ways. First we propose the most efficient puzzle scheme based on modular exponentiations which, unlike previous schemes of the same type, involves only a few modular multiplications for solution verification; our scheme is provably secure. We then introduce a new efficient gradual authentication protocol by integrating a puzzle into a specific signature scheme. Our software implementation results for the new authentication protocol show that our approach is more efficient and effective than the traditional RSA signature-based one and improves the DoSresilience of Secure Socket Layer (SSL) protocol, the most widely used security protocol on the Internet. Our next contributions are related to capturing a specific property that enables secure outsourcing of cryptographic tasks in partial-decryption. We formally define the property of (non-trivial) public verifiability for general encryption schemes, key encapsulation mechanisms (KEMs), and hybrid encryption schemes, encompassing public-key, identity-based, and tag-based encryption avors. We show that some generic transformations and concrete constructions enjoy this property and then present a new public-key encryption (PKE) scheme having this property and proof of security under the standard assumptions. Finally, we combine puzzles with PKE schemes for enabling delayed decryption in applications such as e-auctions and e-voting. For this we first introduce the notion of effort-release PKE (ER-PKE), encompassing the well-known timedrelease encryption and encapsulated key escrow techniques. We then present a security model for ER-PKE and a generic construction of ER-PKE complying with our security notion.
Resumo:
In this paper we make progress towards solving an open problem posed by Katz and Yung at CRYPTO 2003. We propose the first protocol for key exchange among n ≥2k+1 parties which simultaneously achieves all of the following properties: 1. Key Privacy (including forward security) against active attacks by group outsiders, 2. Non-malleability — meaning in particular that no subset of up to k corrupted group insiders can ‘fix’ the agreed key to a desired value, and 3. Robustness against denial of service attacks by up to k corrupted group insiders. Our insider security properties above are achieved assuming the availability of a reliable broadcast channel.
